I received an email notification telling me that someone requested a password reset for my account. However, I did not request a password reset, at least not intentionally. What should I do?
Hello Martin and thanks for letting us know, I will relay the info to anoek he might want to take a look, but other than that there is probably not much to do and hopefully no significant cause for alarm.
If you want to be super sure make sure your password is something safe and unique.
Specifically the password on email account should be the strongest you can remember if you aren’t using a password manager.
And use a password manager. They’re so handy.
Yes, thank you. I changed it to be doubly sure, and I believe it should be safe. Also I noticed that in the process of changeing it, I didn’t receive an email - everything happened on site. Now I’m even more confused as to why I received that email. I made sure that the adress was firstname.lastname@example.org, at least that’s what my email software says. Anyway, I’m not too concerned about this, but thought I’d let you know.
The e-mail you have recieved was not that someone tried to change your password (like you did in your settings).
The original e-mail was a password reset request. Which is what happens when you are not logged in and click the “forgot my password” link. In that case an e-mail is sent to the address linked with a given username, to provide an option to recover a forgotten password.
But now that you talk about it, we might consider issuing an e-mail that a password has actually been changed too.
Ah, I see. In that case, perhaps I accidentally hit that link on my mobile phone.