How to Avoid Getting Locked Out of Your Digital Life -- Journal Report

Dow Jones12-12

By Sean Captain

What would happen if you couldn't access your Apple, Microsoft or Google account because you lost your phone, forgot your password or were hacked?

Since so much of our digital lives resides in just a few places, getting locked out of critical accounts such as these, even for a few hours, can halt your ability to email, check calendars or work on documents.

Redundancy -- such as backing up passwords and setting up alternate ways to access your accounts -- is your best protection against such disasters. And companies like Apple, Microsoft and Google offer many tools to help you avoid losing access to their services.

Here are some of the best strategies you can use to ensure you always get into your critical accounts:

Use a password manager

The easiest way to keep from getting locked out of an account is to set up and use a password manager. It can be the free one built into your browser (such as Chrome's Google Password Manager) or your device's operating system (such as Apple Passwords), or an independent free or paid app like Bitwarden, 1Password or Dashlane. The latter type offers the best compatibility across web browsers and operating systems.

These managers generate robust passwords, then store and automatically enter them (and your username) whenever you want to sign into a website or open an app that requires a login.

Unlike scribbles on a Post-it note, a password manager can be set to back up online. That means if you lose your phone or computer, you can sign into the password manager on another device -- either yours or someone else's -- and access the backed-up passwords for your accounts from there.

Of course, to do this, you will need to remember the master password that unlocks the password manager or have another way to access it. For more on that, see below.

Set up passkeys

If one of your accounts offers you a new sign-in option called a passkey, be sure to enable it, as it will give you an alternate way to log in, one that doesn't require typing in a password. (Apple, Google and Microsoft will all nudge you to do this and guide you through the process on their sites.)

Passkeys authenticate your identity using a pair of mathematically related values, called keys, one residing with the website or app, the other in your password manager. Typically, you authorize this exchange with a face scan, fingerprint reader or a PIN code if your device doesn't support those biometric options.

Passkeys are convenient and more secure than passwords, which can fall into the hands of criminals during data breaches. And if you log in with a passkey instead of a password, sites typically won't ask you for a second level of identity verification, such as a two-factor authentication code sent to your phone. That can come in handy if you lose your phone or lose access to your phone number in a hack.

Provide more than one contact email or phone number

Most sites offer an "I forgot my password" button on their login pages for users who can't remember their credentials. It usually triggers an email or text to the user with instructions on how to reset the password.

But what if you can't access the email because you're locked out of the account? Or the phone number on file has been taken over by crooks? To ensure you won't miss that message, most accounts allow -- and encourage -- you to register a second email address and/or one or more recovery phone numbers.

You can easily create a second email for yourself using free services such as Gmail, Outlook or Yahoo. You also can create a second phone number that can be accessed online or in mobile apps, through services such as the free Google Voice.

Designate other people as recovery contacts

If a site or app lets you designate adult friends or family members as trusted recovery contacts, be sure to do it. These people won't have access to your account, but they can help verify your identity so you can regain access should you get locked out.

Google, for example, allows you to designate up to 10 people (with a Google account) for this purpose. During the recovery process, Google will send three codes to your contact person and one to you. You tell your recovery contact the code you received, and the recovery contact has to select it from the three he or she received to unlock your account.

Apple offers a similar system, supporting up to five contacts. But they must have an Apple device to generate a recovery code, which they then give to you. Microsoft says it's considering creating its own trusted-contacts system.

Install mobile apps

Consider downloading any mobile apps associated with your big accounts -- such as the Gmail or YouTube app if you use Google -- because some sites allow you to prove your identity that way. If you have trouble logging into your Google account on a web browser, for example, you may be instructed to open one of those mobile apps. When you do, a screen will ask if it is you trying to log in to your account. The benefit here is that you are typically always logged in to apps on your mobile device.

Microsoft provides a similar capability with its Authenticator app, which some people use for two-factor authentication in place of texted codes for signing into online accounts. Apple allows people to reset their passwords using a Mac, iPhone, iPad or Vision Pro headset if they are already logged into one of them.

Ensure access to your password manager

If you're using a password manager for password and passkey generation and storage, it's crucial that you don't lose or forget the master password that unlocks it -- and that you set up an alternative method to get back in if you do.

Start by devising a complex yet easy-to-remember password, perhaps a nonsensical but memorable passphrase.

As insurance in case you forget it, you can record the master password on an unlabeled sheet of paper and store it somewhere secure -- a safe, if you have it, or at least not out in the open.

You also can use a second password manager to store the login for your main password manager. If you use Dashlane, for instance, you can log into Dashlane via the Google Chrome browser, and have Chrome store the Dashlane password.

In some cases, you may be able to get into your password manager with a fingerprint or face scan, if you've set that up. And some password managers allow you to set up recovery contacts, or shared access to an account, that can help you get back in should you forget the master password.

Sean Captain is a writer in New York City. He can be reached at reports@wsj.com.

(END) Dow Jones Newswires

December 11, 2025 12:00 ET (17:00 GMT)

Copyright (c) 2025 Dow Jones & Company, Inc.

At the request of the copyright holder, you need to log in to view this content

Disclaimer: Investing carries risk. This is not financial advice. The above content should not be regarded as an offer, recommendation, or solicitation on acquiring or disposing of any financial products, any associated discussions, comments, or posts by author or other users should not be considered as such either. It is solely for general information purpose only, which does not consider your own investment objectives, financial situations or needs. TTM assumes no responsibility or warranty for the accuracy and completeness of the information, investors should do their own research and may seek professional advice before investing.

Comments

We need your insight to fill this gap
Leave a comment