I received an unrecognized device verification request

  • Updated

If you receive a verification email from Patreon and don't recognize the location, please follow these tips below to keep your account safe. 

Change your password

If someone other than you has triggered a device verification request, it means that someone successfully entered your login credentials. If you have an email and password login, you’ll want to change your password as soon as you can to prevent future login attempts from unknown parties. 

If you use a third-party login app like Google or Facebook, we recommend that you change your password on that app directly. 

Making a strong password

  • Use a combination of at least six numbers, letters, and punctuation marks (like ! and &). 
  • It should be different from other passwords you use elsewhere on the internet. 
  • Use a service like 1Password
  • Change your password regularly.

If you are unable to log into your account being locked due to security rate limiting, you can change it using the password forgot form: https://www.patreon.com/forgot-password

How did someone get your password?

Patreon does not store passwords; we keep the "BCyrpt hash" of a password and check that the password you log in with matches it. 

The most common method of access to your password is through one of 3 methods:

  • Password reuse: someone accessed your password for another service that does not store them correctly 
  • Phishing: a phishing attack happens when someone tries to trick you into sharing personal information online. Phishing is typically done through email, ads, or on imposter websites that seem similar to ones you already use. For example, you might get an email that seems like it’s from your bank asking you to confirm your bank account number.
  • Malware: while this is rarer, it can happen that malware logs the passwords you are typing into your browser. Check your browser for suspicious add ons or plugins and make sure your browser and operating system are updated.

Tips for keeping your account safe 

  • Never give your password out to someone you don't know or publish it in an email
  • Turn on two-factor authentication login. This feature enables you to bypass device verification by authenticating all login attempts directly from your mobile device. Here are our steps for setting up two-factor authentication login 
  • Make sure your email account is secure. Change your password often and use unique passwords. Anyone who can read your email can likely also access your Patreon account.

Was this article helpful?

Thank you for your feedback!

What went wrong?