English
  1. Home
  2. E-mail
  3. Insecure email password
  1. Home
  2. Security
  3. Insecure email password
Searching...

Insecure email password

Contents

If Zone detects that your email account password has been leaked or is not sufficiently secure, we will notify you by email. The notification is sent to the contact email address associated with your ZoneID account.

Information

To ensure that notifications always reach you, please make sure that the contact details of your ZoneID account are correct and up to date. You can view and update your contact details in the My Zone environment.

Good to know!

To check the security of email account passwords, we use several sources, including the public breach database Have I Been Pwned. The check is performed using a secure hashing method, which means that the actual password is never transmitted or disclosed. You can find more details on this process in our blog.

What does “insecure password” mean?

An insecure password is usually either weak or reused:

  1. A weak password is easy to guess (for example, short, simple, or a commonly used word).
  2. A reused password is one that has previously been used for another service where user data has been exposed in a data breach.

What should you do next?

  1. Change your email account password to a more secure one as soon as possible. You can find instructions here.
  2. A secure password should be at least 10 characters long. We recommend using a password manager (such as 1Password, Bitwarden, etc.) to generate and store strong passwords.

  3. Avoid using the following in your password:

    • your name or company name
    • common passwords (e.g. Passw0rd!)
    • simple sequences (e.g. q1w2e3r4)

     

  4. We also strongly recommend enabling two-factor authentication (2FA) for your email account.
  5. 2FA adds an additional layer of protection — even if someone learns your password, they will not be able to access the account without the second verification factor.

Has the password already been misused?

  1. In webmail, you can review the mailbox security events to see whether there have been logins from suspicious locations. Instructions can be found here.
  2. In My Zone mailbox management, check whether anyone has configured automatic email forwarding or copying messages to an external email address.
Attention!

If the password has been maliciously misused, the confidentiality of the email account has been compromised. You can find more detailed information about this here.

 

Updated on 6. Jan 2026
Was this article helpful?
Yes No

Related Articles