If your account has been compromised—or hacked—it means that someone stole your password and might be using your account to access your personal information or send junk email. To recover your account and prevent it from being hacked again, follow these steps.
Most hackers get your password through malware (malicious software) that's been installed on your PC without your knowledge (for example, when you download a new screen saver or toolbar). It’s important to clear your PC of viruses or malware before you change your password. That way, the hackers won’t get your new password.
After you install an antivirus program, set up the program to get updates and scan your PC on a regular basis. If you're running Windows, you can download and install Microsoft Security Essentials for free.
After you install an antivirus program, try to sign in to your account.
If you can still sign in to your account, you should change your password right away.
If you can’t change your password, try to reset your password.
You can take the following actions to keep your account safer and make it easier to recover if it’s ever compromised again.
Make it at least eight characters long.
Don't use your user name, real name, or company name.
Don't use complete words.
Make it significantly different from previous passwords and don’t use the same password for all of your accounts.
Include a combination of uppercase and lowercase letters, numbers, and symbols (such as !, #, *).
Most operating systems have free software updates to enhance security and performance. Because updates help keep your PC safer, we strongly recommend that you set up your PC to get these updates automatically.
You can easily set up your PC to get the latest updates automatically for Windows XP , Windows Vista , or Windows 7 .
We will never ask for your password in email, so never reply to email asking for any personal information (even if they claim to be from Outlook.com or Microsoft).
If you often use public computers or wireless connections that are not secure, consider changing your account to always use HTTPS. To start using HTTPS, change your settings. You can also request a single-use code to use when you need to sign in from a public computer. This is a good option if you use public computers now and then. Learn more about single-use codes .
Adding security info to your account can make it easier to recover your account if someone else takes control of it. Because this info is used for your safety, it's a good idea to add as much of it as you can. Learn more about why it's a good idea to add security info.
To add security info:
Go to Microsoft Account overview, and sign in with your Microsoft account email and password.
On your account page, under Account security, select the "Manage" link next to the Security info section.
On the Manage security info page, click Add New next to Mobile phone, Alternate email address, Trusted PC, or Security question, and then follow the instructions to add the security info to your account.
In some regions, you can't use your phone number for security info.
Under Managing your account, click Account details (password, addresses, time zone). You might be asked for your password.
Under Account security, next to Security Info, click Manage.
Under Security question, click Change.
Enter a new question and answer, and then click Save.
Since someone else had access to your account, we've cleared your account settings and removed any send-as addresses, email forwarding, auto-replies, and linked accounts. You'll need to take the following steps to reset these options.
Sending/receiving mail from other accounts
Email forwarding
Sending automated vacation replies
Click Linked IDs, and then click Add linked ID.
Under Writing email, click Reply-to address.
As soon as we detected that you might be hacked, we started saving your deleted messages in a safe place. In Outlook.com, click the Deleted folder. At the bottom of the window, click recover deleted messages.
Outlook.com will recover as many messages as possible and put them in your Deleted folder. If you don't see the deleted messages that you wanted, it means they're permanently lost.
If some or all of your contacts have been deleted, you might be able to restore them. See Restore deleted contacts to your Microsoft account.
Email deleted from children's accounts can't be restored. This way, parents can be confident that when they delete messages from their children’s accounts, they stay deleted.
Simple instructions for common tasks.Outlook.com basics
Need more help? Ask your question in the community forums
Have ideas for Outlook.com? Give us feedback
Can't get to Outlook.com? Check service status
Think someone hacked your account? Go to Account Password Recovery
