arthurboehm
asked on
How Do I Eliminate a Hacker's Device Access to My Instagram Account for Good
Several days ago I opened my Instagram account and, after navigating to Log-In Activity, noticed that there were two mobile devices and log-ins I didn't recognize. One of them had duplicate log-ins that were all stamped at the same time. I changed my password, as suggested. Since then, upon checkimg, I've noticed that one of he two had reappeared. I changed my password again. Today, same deal. Once again, I changed my password. Every time I change the password my hacker's information disappears only to reappear on the following day. Question: how to I eliminate this interloper for good? I have two-factor authentication on, but apparently Instagram recognizes this foreign device as belonging to me. Thanks.
ASKER
Thanks, Andrew. It appears I've already done what you suggest in the second part of your reply. That is, I've opted to log out from the devices I don't recognize. After I do that I'm asked to provide a new password. The problem is that this reoccurs--that is, I see that device X has logged into my account, I opt to log device X out, I'm prompted to change my password, I do--and the next day device X has re-logged into my account. Rinse and repeat. Or do I do this process ONLY after I've scanned my phone for bugs?
An allied question: if I'm logging out of device X, why isn't Instagram doing a double identification check every time device X wants access to my account?
Thanks.
An allied question: if I'm logging out of device X, why isn't Instagram doing a double identification check every time device X wants access to my account?
Thanks.
Don't store your password on any device. That should eliminate the problem, unless the device is so compromised that something is stealing the password as you enter it. In that case it would be prudent to back up any data on that device -- only data -- reset the device to factory, and reload the applications and data.
A little paper notebook for storing passwords goes a long way toward ensuring nobody can steal your passwords.
A little paper notebook for storing passwords goes a long way toward ensuring nobody can steal your passwords.
Possible, it's an advanced root kit on your device. It can't be detected, it's too deep in your system already.
Use your browser (PC or laptop) to login, change password, and log off all devices. Do not use your mobile to type in the new password. Do not use the app at all.
After one or 2 days, you'll see, there will be NO ROGUE log ins. So it's time to fully purge your phone and start over.
Please make sure the logins are REALLY DIFFERENT though, if the time stamps are EXACTLY the same, Instagram may mis-identify the hacker device and see your device as both yours and the hackers.
Use your browser (PC or laptop) to login, change password, and log off all devices. Do not use your mobile to type in the new password. Do not use the app at all.
After one or 2 days, you'll see, there will be NO ROGUE log ins. So it's time to fully purge your phone and start over.
Please make sure the logins are REALLY DIFFERENT though, if the time stamps are EXACTLY the same, Instagram may mis-identify the hacker device and see your device as both yours and the hackers.
ASKER
Kimputer, "Please make sure the logins are REALLY DIFFERENT...." Which logins? Different from what? If there are no rogue logins (which in the past have shown multiple duplicate time stamps), which logins are we talking about? Thanks.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I should also add that I noticed, when posting this AM, that doing so seemed to trigger the rogue logins, of the usual rogue device, multiple times.
ASKER
...which seems to support your contention, right above. So, if I understand you properly, you're saying that Instagram has somehow conflated my actual login ID with this second "rogue" one--that they're the same, yes?
In which case, there's no need to keep changing passwords, correct?
Thanks again. This whole business (on top of being hacked on Facebook, a story for another day--maybe) has made me even loonier than usual.
In which case, there's no need to keep changing passwords, correct?
Thanks again. This whole business (on top of being hacked on Facebook, a story for another day--maybe) has made me even loonier than usual.
Yes, if the second "rogue" device has the same time stamps, it's actually still you. That's also the reason that when you say you only want to log off the "rogue" device, YOU actually have to log in again. If it wasn't you, you wouldn't have to log in again, the rogue device had to.
ASKER
@Kimputer, #Kimputer
A postscript: today, when posting to Instagram from my computer, I did a bit of experimenting. I use a third-party app called Uplet to post from my Mac to Instagram. Discovered: every time I posted via the app, I got the familiar "rogue" log-in notification. Every successive post, a different timestamp that corresponded to the posting time.
My usual browser is Firefox. Sometimes I open Instagram in Chrome. When I post to Instagram from there--I usually get a "from Mac" login notification. Today, however, I got a second "rogue" login notation, let's call it Y. My conclusion: the "rogue" logins are definitely me posting in various ways/places. Why Instagram calls the Chrome posting "from Mac" sometimes and Y other times--who can say?
A postscript: today, when posting to Instagram from my computer, I did a bit of experimenting. I use a third-party app called Uplet to post from my Mac to Instagram. Discovered: every time I posted via the app, I got the familiar "rogue" log-in notification. Every successive post, a different timestamp that corresponded to the posting time.
My usual browser is Firefox. Sometimes I open Instagram in Chrome. When I post to Instagram from there--I usually get a "from Mac" login notification. Today, however, I got a second "rogue" login notation, let's call it Y. My conclusion: the "rogue" logins are definitely me posting in various ways/places. Why Instagram calls the Chrome posting "from Mac" sometimes and Y other times--who can say?
After you do that, remove the devices as trusted from your Instagram account:
https://www.guidingtech.com/check-remove-devices-connected-instagram-account-mobile-pc/