Available Now: Buy the new iPhone 14, iPhone 14 Pro and iPhone 14 Pro Max from AT&T!
Need to update email settings?
S

New Member

 • 

7 Messages

Mon, Jul 25, 2022 7:11 PM

Need new password every two weeks

I have ATT email through Yahoo. I always sign on for two weeks when prompted to enter my ID and password. For the past few months, my password is not accepted and I have to create a new password every two weeks. Then, of course, I have  to update the password on all my devices. Does anyone know why this is happening? 

New Member

 • 

7 Messages

2分前

My two weeks was up today and it accepted my current password!! Did they actually fix it????

tonydi

ACE - Guru

 • 

7.4K Messages

2分前

Not that I've seen.  It's always accepted the same password when you tell it your forgot your password and have to go through the dance to "change" it.

New Member

 • 

7 Messages

2分前

Today I didn’t have to go through the dance. It worked the way it did months ago before the dance was necessary. I hope it lasts!

Contributor

 • 

6 Messages

25日前

I don't believe this has anything to do with the amount of time.  I truly believe this is an AT&T OIDC/IDP issue with Yahoo.  IMHO, Yahoo is long since past it's prime, but it could just be bad programming on the AT&T side to integrate.  

All my email on all my devices will work fine and I can use things on Apple TV, etc. but the minute I try to configure a new app to use my AT&T credentials, I can almost certainly expect to immediately be locked out EVEN if I login to ATT.com before hand to make sure the account is working.  This isn't because I'm unable to enter my password -- 

AT&T has said in other posts that this is because of bad actors trying to hack into accounts -- and that could be true.  But since AT&T (or Yahoo) doesn't provide a useful mechanism to audit when or where the failed logins are happening, then we have nothing as an enduser we can do to verify.

(edited)

New Member

 • 

2 Messages

19日前

My father has same problem!!!!!  Every 2 weeks I have to drive to his house and fix/reset his password!!!!!   Very frustrating and have been doing this for several months now.

Just glad to know it isn't his fault for this issue.

Contributor

 • 

6 Messages

19日前

I was also discussing this with a friend of mine that has a sbcglobal.net email address (many of us coming from before AT&T reacquired all the "baby Bells") and he is locked out frequently too.  This is an AT&T issue.  I have other email addresses that have been pwnd, but I never get locked out of Gmail, Outlook, etc.  So, I'm having a really hard time believing that there is a consistent hacking threat only on AT&T related email addresses.  

I'm not discounting that it would be a large volume of subscribers and an attractive target, but the idea that the hacking activity is supposedly so constant on so many of our emails, yet isn't happening to other major email services, doesn't lend a lot of credibility to it being "hacking".  

tonydi

ACE - Guru

 • 

7.4K Messages

19日前

I don't discount the cause, especially when you read THIS.  The date of that breach was a few weeks before this problem started last year.

What doesn't make sense is A) why it took so long (June 2022) to figure it out and B) why we're months later and if anything, it seems to be worse.  This type of attack is common and there are readily available tools to stomp it out.

Contributor

 • 

5 Messages

18日前

AT&T needs a better solution then to just lock-out the account. Create a delay, especially from the same IP address. ORRRR, can we just have a 2FA system? I find it hilarious that I can use biometrics to secure my account, but if ones of these yahoos (see what I did there?) decides to try to use an old password from another site, it just locks it up, and then they have to send me a text and put me through the change password process.

Plus, they don't even make you change your password. Just put a timer on it, and allow us to clear the timer with a text code.

Contributor

 • 

6 Messages

18日前

I can say I don't generally get locked out of my email until I try to log back into ATT.com, Yahoo.com, or one of the other accounts (Directv.com) and to me, the common theme here is the federation.    But to the points you made @dropperx , I agree they have a lot of ways to resolve this, they just need to do it.  

As @tonydi mentioned in that article, Gmail has a higher percentage of pwnd email addresses, yet doesn't lock out.  Plus the federation with Gmail in general works a lot better whenever I've used it.

tonydi

ACE - Guru

 • 

7.4K Messages

18日前

@dropperx   Please stop trying to apply logic and good security practice to this situation.  Clearly none of that exists with the AT&T programming team.  🙄

Need help?
New to AT&T Community?
New to the AT&T Community? Start by visiting the Community How-To.
New to the AT&T Community?
Visit the Community How-To.