Your old, inactive accounts from online services you’ve long forgotten are ticking time bombs. Sooner or later, one of the companies behind these services may suffer a data breach that exposes your confidential information. To avoid falling victim to a data breach, it’s best you find your dormant accounts and delete them.
Email inbox and archive
A good place to start when digging up your old, inactive accounts is your email account, as many websites and services require you to submit an email address when you sign up for a new account. As part of the signup process, an email is sent to you containing a link to validate your ownership of the email address. You may also receive another email welcoming you to your new account after signing up.
If you haven’t deleted these emails and merely archived them, then great! They’re your first lead for digging up your old accounts. You can easily search for these emails using common phrases found in these emails, such as “welcome,” “validate your email,” “verify,” “congratulations,” and “your account.”
Forgotten email addresses
But what if you don’t remember your email addresses? You’ll need to recover them so you can then login and check the inbox and archive for connected accounts. Google has a step-by-step account recovery that helps you remember and retrieve your forgotten email address. Yahoo has a similar process when you click “Forget Username?” on its login page.
On the first time you log in to a website, your browser may offer to remember your password so you don’t have to keep typing it on subsequent logins. Look up these saved passwords for corresponding online accounts that you no longer use.
In Google Chrome, your saved passwords can be found at Settings > Autofill > Passwords > Saved Passwords. In Microsoft Edge, they’re at Settings > Profiles > Passwords > Saved Passwords. As for Firefox, your saved passwords are at Settings > Privacy & Security > Logins and Passwords > Saved Logins.
Similarly, if you use a dedicated password manager instead of your browser’s equivalent built-in feature, search your inactive accounts there.
Do you remember turning on two-factor authentication for your accounts? If so, open the authenticator apps you’ve used and see the list of online services you added. Popular third-party authenticators are Google Authenticator, Microsoft Authenticator, and LastPass.
Similar to email address validation, online services may send a text message to confirm ownership of the mobile number you enter when you sign up for a new account. If these messages are still in your SMS inbox, then you can easily search for them using commonly used words such as “code,” “verify,” and “verification.” See if these messages mention the online services you signed up for.
If you opted for single sign-on authentication for creating and logging into multiple accounts, then check the social network service you used as a social login. For each social network, check all connected accounts and apps. Here’s where you can find them:
- Settings > Apps and Websites
- My Account > Security > Signing in to Other Sites
- Settings and Privacy > Security and Account Access > Apps and Sessions > Connected Apps
Apple (via appleid.apple.com)
- Security > Sign in with Apple > Manage Apps & Websites
- Settings & Privacy > Data Privacy > Other Applications > Permitted Services
Payment apps and processors
Check all your payment processors and digital wallets, such as PayPal, Google Pay, and Apple Pay, for your past and recurring transactions to help you identify your online accounts and apps.
In PayPal, for instance, you can check the Automatic Payments page at Settings > Payments > Manage Automatic Payments. Toggle the Show Inactive option to see all services for which you previously made payments.
Many mobile apps will require you to create an account before you can use them. While it’s easy to uninstall/delete the apps from your smartphone, doing so doesn’t delete accounts you created for these apps. They still exist albeit in a dormant or inactive state.
If you have an Android smartphone, launch the Google Play Store, tap your profile picture, and tap Manage Apps and Devices. Switch to the Manage tab to see all your apps. Remember to check all apps under the Installed and Not Installed categories.
On iOS devices, open the App Store app, tap your profile picture, and go to Purchased.
Have I Been Pwned?
The website HaveIBeenPwned.com analyses data breaches in which user data have been made publicly available online for anyone’s perusal, including hackers. It also helps you know if you’re one of the affected users. Simply enter your email address and the site will enumerate services that unfortunately exposed your private data, including usernames and passwords.
Search engine results
Just to cover all the bases, enter your usernames and email addresses in search engines. Services that you failed to find from the suggested locations above may appear as relevant search results. But do take extra precautions and avoid visiting suspicious websites that mention your usernames and email addresses.
Delete your old, inactive accounts
Once you have a comprehensive list of all your old accounts, you can now begin deleting them one by one. Visit each website or service where you created these accounts and look up instructions on how to delete your account and wipe all personal information you’ve shared.
If the website has vague instructions or goes out of its way to discourage you from deleting your account, check the website JustDelete.me. It compiles straightforward steps to delete your account on various websites and services.
If the service explicitly forbids you from deleting your account, the next best thing is to edit your profile so that your personal information is erased. If the service insists you write on required fields, such as your name and birth date, just enter random or fake information. That way, they do not accurately describe you.
You’re better off when there is less pertinent information about you stored online. Learn how to delete your online presence before the next data breach happens.