back to [Mail Settings]

Password Stolen Issue
6/24/10

One of our family members reported that their Hover account was compromised.  Someone had gotten their password and changed some of the settings, including forwarding.  They noticed because they hadn't gotten email for awhile, then when trying to get in they were locked out.  Hover had shut down the account because there was excessive spam being sent through the outgoing account.

There was some concern that this may have compromised other family accounts, but upon investigation, that is unlikely.  Only one account out of 16 reported trouble, and the individual accounts don't have access to the admin control panel for the overall account.  The most likely cause was either spyware or botware on the affected computer.

The issue drew attention to the security options.  You can enable SPA (Secure Password Authentication), or SSL (Secure Socket Layer), but those features only offer limited protection.  Using a strong password and occasionally changing it may also be advisable, but if you do so, please have a system in place to be able to find your password.  I personally don't write my critical passwords down anywhere.  I have variations for different requirements and use code to remind me which variations are implemented.

The Ticket number for this issue with Hover was 249834.  The tech support number was (416) 538-5498 based out of Toronto.