Getting repeated password reset emails from Facebook can be annoying and concerning. These emails usually mean someone is trying to access your account. While it’s unlikely your account has actually been compromised, it’s important to take steps to secure it.
What causes the password reset emails
There are a few potential reasons you may be getting password reset emails from Facebook:
Someone is trying to access your account
The most common reason for the emails is that someone has your email and password and is trying to log in to your Facebook account. This could be:
- A friend or family member who knows or has guessed your password
- A hacker who acquired your login credentials from a data breach
- Malware on your computer that captured your info when you logged in
Whoever it is, they are triggering Facebook’s password reset process when they try unsuccessfully to access your account. Facebook detects the failed logins coming from an unknown device and sends you a reset email.
You have an old saved password
If you have Facebook saved password in your browser or app from a while ago, it may be outdated. When you try to log in with the old password, it will fail and trigger a reset email.
It’s a scam or phishing attempt
While less likely, it’s possible the emails are from a scammer trying to phish your information. The email contains a fake password reset link that goes to a phony Facebook login page controlled by the scammer. When you enter your username and password, the scammer captures it.
How to stop the password reset emails
To prevent further password reset emails from Facebook, take the following actions:
Change your Facebook password
The first step is to change your Facebook password. Even if you don’t think your account has been compromised, changing the password will stop whoever is triggering the resets from attempting to access the account.
Login to Facebook and go to Settings > Security and Login > Change Password. Create a new, strong password that you don’t use on any other sites.
Turn on two-factor authentication
Enabling two-factor authentication adds an extra layer of security to your account by requiring both your password and a temporary access code to login. This code is either texted to your phone or generated by an app like Google Authenticator.
In Facebook, go to Settings > Security and Login and enable two-factor authentication. Then when you or anyone else attempts to login, you will need both the password and a unique access code.
Remove saved passwords
Check that your browsers and apps no longer have saved Facebook passwords. Removing any outdated saved passwords eliminates them as a cause of failed logins and reset emails.
In your browser settings, find the saved passwords section and delete any listed for Facebook. Do the same for any apps like Facebook mobile or Messenger.
Revoke account access for other apps and sites
Apps and websites you’ve connected to your Facebook account may be trying to access it with an old or invalid token. Review your account connections at Facebook Settings > Apps and Websites and remove access for any unfamiliar or unused apps.
Check where you’re logged in
Facebook allows you to see all the locations and devices you’re currently logged into your account from. Check the list at Facebook Settings > Security and Login > Where You’re Logged In. Log out of any unknown or suspicious sessions.
Run an anti-virus scan
As a precaution, run a full system anti-virus scan to check for any malware that may be capturing your account info. Malwarebytes and Microsoft Defender are good options for security software.
When to be concerned about the emails
In most cases, the repeated password reset emails are just a nuisance and your account is secure. However, you should be more concerned if you notice any of the following:
- Emails coming from an address that isn’t Facebook’s official [email protected]
- Suspicious links or attachments in the email
- Password resets for accounts unaffiliated with Facebook
- Unfamiliar login locations shown on Where You’re Logged In
- Strange posts or messages sent from your Facebook account
These could indicate your account has actually been compromised rather than just login attempts. If you’re unsure, it doesn’t hurt to take extra precautions like contacting Facebook support to confirm the emails are legitimate.
How to further strengthen your Facebook security
In addition to the steps above, here are some other ways to tighten security on your Facebook account:
Use a password manager
A password manager like LastPass or 1Password generates and stores strong, unique passwords for all your accounts. This prevents password reuse which helps keep you safe.
Set up login alerts
Facebook has an option to get alerts when anyone logs into your account from a new device or browser. Turn this on at Facebook Settings > Security and Login.
Limit posts visibility
Don’t default to sharing posts publicly. Use friend lists and settings to only share info with certain people when appropriate.
Be wary of third-party apps
Only connect apps you trust to your Facebook account. Be cautious when an app asks for a lot of profile permissions.
How to deal with a hacked Facebook account
If you confirm your Facebook account has been compromised, take the following steps:
- Log in and reset your password again
- Remove any unfamiliar account connections
- Delete suspicious posts or messages
- Report compromised account in Facebook Help Center
- Contact friends to alert them of potential scam messages from you
You can also submit forms to have Facebook review suspicious activity and lock your account if needed. Be patient as it may take a bit for them to investigate and restore access.
When to contact Facebook support
Reach out to Facebook’s support channels if:
- You can’t reset your password successfully
- Suspicious activity continues after resetting password
- You need help disabling account connections
- You believe your account was hacked
Facebook’s Help Center has forms to request account review for hacking, submit ID to regain access, and more. You can also try contacting them on Twitter @FacebookHelp.
Conclusion
Repeated Facebook password reset emails are usually just an annoyance and sign someone is trying to access your account. They can often be resolved by changing your password, enabling two-factor authentication, and removing saved passwords. But if you see suspicious activity, take action to secure and recover your account.
| Cause | Solution |
|---|---|
| Someone trying password | Change password, enable 2FA |
| Saved old password | Remove saved passwords |
| Scam/phishing | Don’t click links, report emails |
With good password hygiene and security habits, you can rest assured your Facebook account remains protected. But if you ever receive a suspicious reset email or notice questionable account activity, take steps right away to lock things down.