Locked Out of Your Reddit Account? Don't Panic

Many Reddit users found themselves locked out of their accounts yesterday (Jan. 10) due to a "security concern." Even worse, some users were erroneously told that their accounts had been suspended. All affected Reddit affected will have to change their account passwords.

Credit: chrisdorney/Shutterstock

(Image credit: chrisdorney/Shutterstock)

Reddit admin Sporkicide told users that "a large group of accounts" had been locked down due to "unusual activity that did not correspond to the account's normal behavior [and] may indicate unauthorized access."

Sporkicide described what appeared to be a credential-stuffing attack. In other words, someone was trying to log into a batch of Reddit accounts using email addresses and passwords stolen from other sites' data breaches.

MORE: How to Create Super-Secure Passwords

Credential-stuffing attacks are possible only because so many people reuse passwords across multiple accounts. If you use a unique password for every website — something made easiest by a password manager — then you won't have this problem.

Anyone whose Reddit account was affected will be allowed to log back in using their old password, but will then be prompted to change it. If Reddit has your email address (it's not required), you'll also be notified via email.

"Please, please, please make sure you choose strong passwords that are unique to Reddit," Sporkicide wrote, adding a suggestion that Reddit users enable two-factor authentication (2FA) to further strengthen their accounts.

In a separate post, Sporkicide revealed that some users who were locked out mistakenly received suspension notices, which should be ignored.

Reddit suffered a data breach of its own in mid-2018 when crooks intercepted the 2FA verification code sent to a Reddit administrator's smartphone, possibly as a result of SIM hijacking or unauthorized call forwarding. Fortunately, the 2FA protocol available to Reddit users is much safer because it requires an authentication app like Google Authenticator.

TOPICS
Paul Wagenseil

Paul Wagenseil is a senior editor at Tom's Guide focused on security and privacy. He has also been a dishwasher, fry cook, long-haul driver, code monkey and video editor. He's been rooting around in the information-security space for more than 15 years at FoxNews.com, SecurityNewsDaily, TechNewsDaily and Tom's Guide, has presented talks at the ShmooCon, DerbyCon and BSides Las Vegas hacker conferences, shown up in random TV news spots and even moderated a panel discussion at the CEDIA home-technology conference. You can follow his rants on Twitter at @snd_wagenseil.

Latest in Online Security
An open lock depicting a data breach
Half a million teachers hit in major data breach with SSNs, financial data and more exposed — what to do now
Green skull on smartphone screen.
Malicious Android apps with 60 million installs bombarding phones with ads and phishing attacks — how to stay safe
Malware
Dangerous new password-stealing trojan automatically reinstalls itself on infected PCs
An FBI agent typing on a computer
FBI issues warning to millions of Americans to avoid these websites that can steal your passwords and banking info
How to delete TikTok
TikTok has rolled out a vital new security feature — here's how to use it
A hacker typing quickly on a keyboard
New MassJacker malware is hijacking digital wallets to steal large sums from users
Latest in News
NYTimes Connections
NYT Connections today hints and answers — Thursday, March 20 (#648)
A phone with the Plex logo in front of an out-of-focus background of movie posters
Yikes! Plex is getting a price hike and this key feature is going behind a pay wall
back of Iris Pixel 9a
Google Pixel 9a pre-orders delayed due to 'component quality issue' — here's when you can get one
An open lock depicting a data breach
Half a million teachers hit in major data breach with SSNs, financial data and more exposed — what to do now
Sony A95K QD-OLED TV in front of windows in a living room
This new TV breakthrough looks like a game-changer for OLED TVs
Apple iPhone 16 & 16 Plus hands-on.
Forget USB-C — a truly portless iPhone just got the all-clear from the EU