How to secure a Discord account after suspicious logins?
Executive summary
When suspicious logins appear, the immediate goal is to lock out the intruder, reclaim control, and harden the account against follow‑up attacks; the practical steps are a forced password reset, revoking unknown devices/apps, enabling two‑factor authentication, and securing connected accounts like email and payment methods [1] [2] [3]. Authorities at Discord advise reporting incidents to Trust & Safety and caution that Discord staff will never initiate in‑app support requests, while security guidance also warns about phishing, malicious links, and malware as common attack vectors [1] [4] [5].
1. Force a full reset: change password and invalidate sessions
Start by changing the account password to a strong, unique one; doing so will invalidate the current account token and can log out other sessions, which is a first-line response recommended by Discord and security guides [4] [1]. If the password has already been changed by someone else and access is lost, use Discord’s account recovery flow and file a support report with as many details as possible [1] [6].
2. Lock the doors: enable 2FA using an authenticator app
Enable two‑factor authentication (2FA) immediately — preferably via an authenticator app like Google Authenticator or Authy rather than SMS — because 2FA adds a second factor that prevents access even if passwords are stolen, and Discord explicitly lists authenticator apps as the most secure option [7] [1]. Keep recovery codes stored securely offline; Discord and university IT guidance both stress the importance of safeguarding backup codes [8] [7].
3. Sweep the account: revoke unknown devices, apps, and bots
Check Authorized Devices and Authorized Apps in User Settings and remove any logins or third‑party integrations that are unfamiliar; lingering app authorizations can allow persistent access even after a password change [9] [2]. Security guides recommend deauthorizing suspicious apps immediately and reviewing server roles or bots that might have been added during a compromise [2] [10].
4. Contain damage: inform contacts, admins, and financial services
Alert recent contacts and server administrators so they can ignore, delete, or roll back any malicious messages or links sent from the compromised account; multiple sources recommend this to prevent the attacker from spreading phishing or scams through trusted relationships [2] [6]. If payment methods are linked to the account, contact the bank or payment provider to block charges and flag potential fraud [3].
5. Clean the environment: scan for malware and secure linked accounts
Because many compromises begin with phishing or malware that captures credentials or 2FA codes, run an up‑to‑date antivirus scan and remove suspicious software; security blogs and Discord safety pages warn that trojans and keyloggers are common culprits [5] [4]. Change passwords on linked services — especially the email address used for Discord — because attackers often pivot through a hijacked email to regain access [3] [10].
6. Report, learn, and watch for follow‑ups — but note platform limits
Report the incident to Discord Trust & Safety and file a support ticket with details; Discord guidance stresses reporting and also reminds users that Discord staff will not DM for support, which helps avoid social engineering via fake “support” messages [4] [1]. Be aware that some users criticize Discord’s automated suspicious‑activity responses as overly aggressive — phone verification or lockouts can complicate recovery — so users may need to be patient with support channels and take screenshots of alerts for their reports [11]. Also heed Discord’s warning after a third‑party customer‑service incident to stay vigilant for follow‑on suspicious messages even after an incident is closed [12].