My email was hacked

Creation date: 7/8/2026 3:05 PM    Updated: 7/8/2026 3:05 PM

First, take a deep breath. Once you've regained access to the account (click FORGOT PASSWORD at my.brenau.edu) and changed your password, the goal shifts to building a digital fortress around your data so this doesn't happen again.

Here is a straightforward strategy to lock down your accounts and prevent future security breaches.

1. Upgrade Your Password Strategy

Most email hacks happen because of password reuse (using the same password on multiple sites) or weak passwords that can be guessed by automated software.

  • Use a Password Manager: Stop trying to memorize dozens of unique logins. Use a trusted password manager (like Bitwarden or 1Password) to generate and store complex passwords.

  • The "Passphrase" Method: If you must memorize a password, use a passphrase—four or five random words strung together (e.g., purple-notebook-laptop-skyline). It is incredibly difficult for a computer to crack but easy for a human to remember.

2. Activate Two-Factor Authentication (2FA)

If you only implement one piece of advice from this list, make it this one.

Two-Factor Authentication (2FA) acts as a second lock on your door. Even if a hacker successfully steals your password, they still cannot access your account without a secondary code sent to your physical device.

  • Turn it on everywhere: Enable 2FA on your student email, your personal email, your university portal, and your social media accounts.

  • Choose the right method: An Authenticator App (like Google Authenticator or Microsoft Authenticator) is much safer than SMS text message codes, which can be intercepted by advanced hackers via SIM-swapping.

3. Audit Your Account Settings

Hackers often leave "backdoors" open so they can slip back into your account even after you change your password. Check these three settings immediately:

  • Connected Devices: Go to your email security settings and look at "Active Sessions" or "Logged-in Devices." Log out of every device you don't recognize.

  • Forwarding Rules: Check your email settings to ensure the hacker didn't set up a rule that silently forwards all your incoming mail to their own address.

  • Recovery Info: Ensure the backup phone number and recovery email address listed on the account are actually yours.

4. Learn to Spot Phishing Tactics

As a student, you are a prime target for phishing—fake emails designed to trick you into revealing your login credentials.

  • The "Urgent" Trap: Be highly suspicious of emails claiming your student aid is cancelled, your account is suspended, or you have an urgent message from a "professor" demanding you click a link and log in.

  • Check the Sender Address: Don't just trust the name at the top of the email. Look at the actual email address. If it claims to be from your university but ends in @gmail.com or a strange domain, it's a scam.

  • When in doubt, go direct: Never log into a student portal by clicking a link inside an unexpected email. Instead, open a new browser tab, go to your university's official homepage, and log in from there.

5. Secure Your Campus Devices

  • Log Out on Campus Computers: If you use a computer in the university library or a computer lab, always completely log out of your email and browser sessions before walking away.