More than 500 million Yahoo users’ accounts may have been breached when data was stolen from the company in late 2014. A recent Yahoo investigation has found that user account information was stolen after a hack, which may include names, emails, phone numbers, birth dates, hashed password, and unencrypted or encrypted security questions and answers, Yahoo has announced. You’re likely going to want to change your password right away.
Here’s how to change your password.
To change your Yahoo Account password, first log in and go to your Yahoo Account information page. (If you haven’t changed your Yahoo password in a while, then Yahoo may prompt you to verify your account by sending a text message to your phone. This is a normal verification.) On the mobile browser, tap the Menu Icon. You’ll need to now click “Account Security.” Then click “Change Password.” Type in a new password and confirm it. Click “continue” to finish. For more details, see Yahoo’s help page here.
This whole process may be made easier for you, however. When you first log into your Yahoo account, Yahoo may prompt you to go ahead and change your password and update your mobile information, just to be secure. If you get the following screen when you log in, click on “Yes, secure my account.” Don’t choose to secure it later.
You’ll then be automatically directed to a page where you can set a new Yahoo password. Type in your new password, then type it again in the “confirm password” space. Then click “Continue.”
At this point you’ll be prompted to enter a recovery email and phone number, or confirm the ones you already have. Confirm them and click “Looks good.” You’re now set to go!
Know that just because you change your Yahoo password, you’re not now safe from all breaches or hacked information. You’ll want to find any account, even outside of Yahoo, where you used the same password and change your password there too.
Now might also be a good time to start using a password manager application. This app will make sure that you use a different password for every account, so if one account is hacked it won’t make all your other accounts vulnerable. Services like LastPass and KeePass are good choices.