Short version: Use a safe device first. If the compromised device is being monitored, changing passwords on it may warn the wrong person.
Why This Matters
Cybersecurity-help threads often include the same details: an ex knows things they should not know, accounts show strange logins, messages were read, or a phone behaves oddly. The hardest part is deciding what to change first.
The safest starting point is to use a device and network the other person cannot access, then lock down the accounts that control everything else.
Step By Step
- If you think someone dangerous is actively monitoring you, use a trusted device away from them before changing passwords.
- Secure your primary email first because it resets everything else.
- Change passwords to long, unique passwords stored in a password manager.
- Turn on multi-factor authentication, preferably using an authenticator app or security key instead of SMS when possible.
- Review logged-in sessions and sign out devices you do not recognize.
- Check account recovery emails, phone numbers, trusted devices, forwarding rules, and connected apps.
- Update your phone, apps, and computer. Remove apps you do not recognize.
- Check family sharing, location sharing, shared phone plans, cloud photo sharing, and shared password vaults.
Checklist
- Primary email secured
- Banking and phone carrier secured
- Social accounts secured
- Cloud backups reviewed
- Location sharing disabled or confirmed
- Unknown sessions signed out
- Recovery methods changed
- Important evidence saved before account cleanup
Common Mistakes
- Do not change everything from a device you believe is compromised unless you have no safer option.
- Do not reuse passwords.
- Do not ignore account recovery settings.
- Do not delete suspicious login notices before saving them.
When To Stop DIY
- If the account access is connected to threats, stalking, domestic violence, financial theft, or sextortion, preserve evidence and report through the appropriate channel.
- If you suspect spyware and safety is at risk, contact a victim advocate or qualified digital-safety professional before factory resetting the device.
Simple Template
- Suspicious sign: Login alert, read messages, location knowledge, app installed, password reset, etc.
- Account affected: Email, Apple ID, Google, social, bank, carrier.
- Evidence saved: Screenshots, emails, login history.
- Action taken: Password changed, MFA enabled, sessions revoked, recovery updated.
- Remaining concern: Device, shared plan, cloud backup, location sharing.