Remember that email account you created years ago that you haven’t used lately? It may be time to consider whether you need to keep it or not. Either way, it may be time to revisit that unattended account to help prevent problems. Leaving an old email account is like leaving your car unlocked on a parking lot. Sooner or later, someone could get in and anything in there is at risk.

If a bad guy gets into your old email account, they may be able to access confidential emails, photos, social media accounts, and anything else connected to or stored in that account. They may also be able to use that account to gain access to other accounts you own. To protect your personal information, decide if you want to keep or delete the email account.

This is also true for an alternate or secondary email account that may be more recent.


Keep it:

If you decide you want to – or need to – keep the old or alternate account, it should still be managed and secured, and not just abandoned. Here are steps to follow.

  1. Update your password using a strong complex password or passphrase to better protect the account. Learn more about creating strong passphrases here.
  2. Enable two-factor authentication on the account, if available, to add a layer of security to better protect it.
  3. Regularly monitor the account for inappropriate or suspicious activity.
  4. Check and update the security settings. (NOTE: A favorite trick for bad guys is to access your email and then have messages auto-forward to them – without you ever knowing. You can check this in your email settings to make sure messages aren’t going to someone else.)
  5. Clean out old emails, especially those with confidential or financial information, from the in-box, sent and trash folders.



Delete it:

If you decide you don’t want the account anymore, there are steps to take to safely close it.

  1. To delete the account, look for “disable” or “delete” account in settings. This will lead to the process to close the account. The process for deleting an email account can be different for each provider, so you may want to contact the provider for assistance.
  2. Carefully go through all the emails in the account and determine which ones to delete and which ones to keep. Forward the messages you want to keep to your current primary account. Then, delete the ones you don’t want from all folders and remember to empty the trash folder.
  3. Update other accounts and remove this email from all profile contact information and as a method of identity authorization. This will prevent things like two-factor authentication codes and PINs being sent to the account you are closing.
  4. Be aware – when you close an email account, you give up the ownership of that email address. This means it could be reassigned to someone else in the future. Different providers have different rules for this. It does mean the new user could be mistaken for you, pretend to be you, or receive authentication messages from your other accounts to the “old” email. (If you haven’t completed step #3.)

Keep it, but forget it:

Another option is to keep the email account to retain the address, but never intend to use it again. In this case, the account should be cleaned out and protected before you “forget” it.

  1. Follow the steps outlined above to delete old messages, update settings, and remove all personal information. This leaves little in the account for a bad guy to steal.
  2. Lock it down with a very long, secure password. This makes it more difficult for a bad guy to get into the old email account.

Since most email accounts are free, it’s easy to set up a new account and move away from a previous email. Be cautious about signing up for more and more email accounts and remain diligent to protect and secure your personal information on each account.  

And if you are wondering about an email account you had with a different employer, send it a message. Depending on what you get back, you may need to reach out to your former employer to delete the account.