Unauthorized Sign-In
Unauthorized Sign-In: What to Do
If you did not receive a "New Sign-In" email - or if you did but recognize the activity - no action is needed. Your mSecure account is safe. However, if you receive a "New Sign-In" email and suspect unauthorized access, follow the steps below immediately.
Important Notes:
- Not being able to unlock mSecure does not necessarily mean your account in compromised.
- The best way to protect your real accounts is to change their passwords directly through their official apps or websites.
- Login data in mSecure is a mirror of your actual account credentials - if you change your real account password, any stolen credentials become useless.
Understanding Unauthorized Access
If an unauthorized person signs in to your mSecure account, they must have gained access to your email, account password, and encrypted account key. Since mSecure does not store your password or encrypted key on its servers, the breach likely occurred through other means, which we discuss later in this article.
For Wi-Fi Sync Users
If you use Wi-Fi syncing, your mSecure data remains secure. Wi-Fi sync stores your information only on your devices, not in a remote location, so no one can download your data. However, an unauthorized sign-in still indicates that someone has access to personal information they should not. Refer to the security measures at the end of this article to better protect your digital life.
Can You Still Unlock mSecure on Your Devices?
If you can unlock mSecure, the first step is to change your account password immediately to prevent further unauthorized access. Once changed, all devices currently signed into your account will be notified and will require the new password to unlock the app. If you need help changing your password, refer to the instructions in this article.
However, while changing your password blocks future access, the thief may have already made a backup of your data, which could be restored in a different mSecure account. Changing your password does not guarantee the safety of your real online accounts.
Protecting Your Real Accounts
To fully secure your accounts, you must change the passwords for each of them through their official apps or websites. mSecure stores a copy of your real credentials - if those credentials have been stolen, updating them makes the stolen information useless.
- Prioritize sensitive accounts first, especially financial institutions.
- Change the passwords for all active accounts to ensure complete security.
- Once all passwords are updated, any stolen mSecure logins will be useless.
Even after taking these steps, further action is needed. See the bottom of this article for guidance on preventing identity theft and improving digital security.
Did you Receive a Password Change Notification on Another Device?
If an unauthorized user is able to sign in to your account, they could have changed your password, locking you out of mSecure. If this happens, you will receive a "New Sign-In" email and see a notification that says, "Your password has. been changed on another device."
Take Immediate Action: Reset Your mSecure Account
A reset will:
- Remove all data stored in the mSecure Cloud.
- Log you out of mSecure on all devices.
- Render any stored data in Dropbox or iCloud unusable.
You will lose all stored data unless you have a backup. If you have a backup, you can restore your information after resetting your account.
How to Reset Your Account:
- Open the Reset Account Page in your browser.
- Enter your mSecure account email and click "Start Process."
- Check your email for "Account Reset for mSecure" and click the reset link.
- Create a new Account Password and confirm it.
Note: This will DELETE all of your data.
After resetting, the unauthorized user will no longer have access, but they may still possess a backup of your data. Follow the password update steps above to protect your real online accounts.
After Changing Your mSecure Password:
1. Reinstall mSecure on all devices.
2. If using a Mac:
- Open mSecure -> Click Help in the top menu bar.
- Hold the Option key and click "Show Data in Finder."
- Close mSecure, delete the mSecure.mscb file, and relaunch mSecure.
3. If using iCloud or Dropbox syncing:
Delete the data.mssb file in:
- Dropbox: Dropbox/Apps/mSecure/accountID/data.mssb
- iCloud: Drive/mSecure/accountID/data.mssb
4. Restart your device and sign back into mSecure.
Securing Your Digital Life
Even after securing your mSecure account, additional steps are necessary to prevent identity theft. While the links below are not affiliated with us, they may be helpful in protecting your data and responding to a potential breach:
- Bankrate: https://www.bankrate.com/finance/credit/steps-for-victims-of-identity-fraud.aspx
- Tom's Guide: https://www.tomsguide.com/us/what-to-do-ssn-stolen,news-18742.html
Since mSecure does not store your password or encrypted key, any breach likely occurred through:
- Malware or keyloggers installed on your device.
- Phishing attacks or security breaches on other accounts.
What to Do Next:
- Scan your device for malware and viruses using security software like Windows Defender, Avast or AVG.
- Update your operating system and security patches.
- Check your email settings for unusual forwarding rules or unauthorized changes.
- Change passwords for all email accounts and update security questions.
- Enable two-factor authentication (2FA) for added protection.
For more guidance, refer to the Federal Trade Commission's guide on dealing with a hacked email account and always use a virtual private network when connecting to public networks.
Taking these steps will help prevent future attacks and protect your personal information.
Did you find it helpful? Yes No