I've received an unrecognised device verification request

  • Updated

If you receive a verification email from Patreon and don't recognise the location, please follow these tips below to keep your account safe. 

Change your password

If someone other than you has triggered a device verification request, it means that someone successfully entered your login credentials. If you have an email and password login, you’ll want to change your password as soon as you can to prevent future login attempts from unknown parties. 

If you use a third-party login app like Google or Facebook, we recommend that you change your password on that app directly. 

Making a strong password

  • Use a combination of at least six numbers, letters and punctuation marks (like ! and &). 
  • It should be different from other passwords you use elsewhere on the internet. 
  • Use a service like 1Password
  • Change your password regularly.

If you are unable to log into your account as it has been locked due to security issues, you can change it using the forgot password form: https://www.patreon.com/forgot-password

How did someone get your password?

Patreon does not store passwords; we keep the "BCyrpt hash" of a password and check that the password you log in with matches it. 

The most common way of accessing your password is through one of three methods:

  • Password reuse: someone accessed your password for another service that does not store them correctly 
  • Phishing: a phishing attack happens when someone tries to trick you into sharing personal information online. Phishing is typically done through email, ads or on imposter websites that seem similar to ones you already use. For example, you might get an email that seems like it’s from your bank asking you to confirm your bank account number.
  • Malware: while this is rarer, it can happen that malware logs the passwords you are typing into your browser. Check your browser for suspicious add-ons or plug-ins and make sure your browser and operating system are updated.

Tips for keeping your account safe 

  • Never give your password out to someone you don't know or publish it in an email
  • Turn on two-factor authentication log-in. This feature enables you to bypass device verification by authenticating all log-in attempts directly from your mobile device. Here are our steps for setting up two-factor authentication log-in 
  • Make sure your email account is secure. Change your password often and use unique passwords. Anyone who can read your email can likely also access your Patreon account.

Was this article helpful?

Thank you for your feedback!

What went wrong?