Attempted recovery not by me on my android tablet from Myanmar/ Burma

rif · « **on:** 29 Jan 2020, 06:54 pm »

This morning I received several notifications in quick succession that someone from Myanmar was attempting a recovery on my google account on my android tablet (or breach, don't recall). I consistently clicked "no, it's not me".

I then changed my google password and some for other important sites (financial institutions), but left a lot alone-such as this site.

Should I be concerned? Where can I contact google for assistance? Best I can find is a community forum, but there are lots of questions but few answers.

Thanks!
-david

jtwrace · « **Reply #1 on:** 29 Jan 2020, 07:06 pm »

Just use a password manager that makes a VERY STRONG password and you'll be fine

DaveC113 · « **Reply #2 on:** 29 Jan 2020, 10:11 pm »

It's more important to change passwords frequently and not use the same ones for different websites. If you have used the same password for multiple sites and/or have not changed them in ~6 months I'd through and change all of them.

I agree with jtwrace with using a password manager that randomly generates passwords as well.

rif · « **Reply #3 on:** 29 Jan 2020, 11:21 pm »

Thanks guys
I'll change all the passwords for sites I actually still use.
I'm hesitant about password managers, but I'll look into them. What do you use?

FullRangeMan · « **Reply #4 on:** 29 Jan 2020, 11:38 pm »

Should I be concerned?
Yes certainly. Dont use passwords managers.
Its is laborious type passwords indeed,
I suggest keep your passwords in a copybook.

Iam out of google after I have list 3 email account I realized its impossible recovery a account, no other free email service are this bad.

rif · « **Reply #5 on:** 30 Jan 2020, 12:02 am »

Copy book- do you mean to write them down on paper? That's what I do now, and it's in code too so if someone gets their hands on the paper, its meaningless to them.

Since I mainly use an android tablet, the path of least resistance is to use google everywhere, which I really don't mind.

FullRangeMan · « **Reply #6 on:** 30 Jan 2020, 12:15 am »

Yes on paper, I was never stolen with this system.

OBS.> It is unlikely anyone in this distant country knows you, it must be a proxi address.

WGH · « **Reply #7 on:** 30 Jan 2020, 12:33 am »

Password managers are the only way to go. I have over 200 unique passwords for all the sites that needed registration over the last 15 years, each one is different. If one site is hacked then that is the only password the hackers get, it won't work anywhere else. The Copy/Paste feature means there is never any typos either.

I use the free Keypass2Android and the free KeyPass 2 on my PC. The password safe is automatically updated and saved in the cloud so all my old and new passwords are available wherever I go.

All the names and passwords can also be printed out with Keypass2 if you prefer to carry a paper list, make sure to write your name, address, phone, and email on the papers so they can be returned if you loose them.