@PsychoticWolfie   Clearly you haven't roamed around in this forum looking at any of the hundreds and hundreds of other posts about this or you wouldn't see so surprised. 

The official ATTHelp position is that this is a result of "bad actors" trying unsuccessfully to get into these accounts, thus triggering the 6 failed attempts lockout trigger.  We're at about 5 weeks since they posted that story (and well over 8 months since it began) and they are still "working on" stopping these attacks.

@Idiott22 Unfortunately I have to keep mine, as it's the one I use for literally every important login I have, and on many sites that can't be changed. I just wish they would admit that it's an error on their part. They aren't getting assailed by that many hackers all day every day, multiple times per minute per account. It's really simple. Something in the system is registering single correct login attempts as multiple incorrect ones. If they would just look into it and try to fix it instead of playing defense, this could all be, well, fixed!

I can't even change anything about the account once I'm logged in! Clicking on account settings logs me out. Reentering my correct password results in a lockout! They have it so poorly designed and don't even care to try and fix anything. I can't even activate any kind of 2 factor authentication or anything. But hey, at least my account is SUPER secure thanks to my password changing every 5 minutes lol

Oddly enough after creating this forum account and linking the problematic email, it's staying logged in for more than five minutes! No telling when that will stop though, and it inevitably will.

@tonydi I'm not even slightly surprised, again it's been happening to me for years. And I already know what the problem is. It's just registering my single login attempt as multiple incorrect ones. It's not "bad actors", it's a very easy problem to figure out. It's literally just an error, in THEIR system on THEIR end. As for why they refuse to look into it, that's the frustrating part. But I have no other options. This decade plus old account is the only one I can use to sign into any of my important logins.

Again, this exact problem has been happening to me for almost 2 years now, maybe longer.

Wouldn't it be funny if for years now, all these "hackers" they think are trying to log into everyone's emails was just an error where 1 good login attempted looked like 6 bad ones?? Lmao

And yes I know about the yahoo breach, but it's not happening anymore. That was an event in the past.

So you have some inside info from Yahoo/AT&T email people? 

@tonydi I would literally bet my life savings on that being the issue. They have an error that makes 1 good login look like 6 bad ones for MANY users. We need someone who can look through the data on their end, hence me trying to get this word to them. I won't be able to fix that problem. But these "bad actors" are imaginary. They don't exist. At least not at these numbers. Tell me this all doesn't sound a bit suspicious to you?

The reason I'm so sure is that, I get the error LITERALLY MOMENTS, and I CANNOT DESCRIBE HOW QUICKLY, from being logged out, to entering my new correct password ONCE, and I still get the "too many login attempts" error message. There is nothing else it could be, nothing. There is no botnet that big or powerful, it's literally just an error that converts 1 good login attempt to 6 bad ones. It may even be visible in the cookies!! So please, don't argue with me. Let's look into this. This is a place to start, and if I'm right, I found the exact problem, not just for myself but for everyone.

I'll go even further and say it's probably due to something they implemented on their end after the yahoo breach, some "safety precaution" as they would call it, but it doesn't even work as intended and is just forcing this error on people now. And they think it's hackers.

Where do you live, I can probably get some local referrals for you when you become destitute.

Rather that you take my word for it, here's a LINK to a recent article by a leading VPN supplier about all the ways a "bad actor" can do what you think is impossible.  Short version, current hacking tools can push 10,000 password attempts per second.  Yahoo locks them out after 6 failures.

So let's say hackers point these tools at, oh I don't know, 20,000 Yahoo/AT&T accounts and turn them on.  You log in, do whatever you want and log out and then "immediately" log back in.  But even if it's only 1 second, you don't think that their tool would have already triggered the lock?

I'm not fully invested in the "bad actors" thing either.  It does make sense from what we can see happening, but what doesn't make sense is why something that happens quite commonly and has commonly available mitigation tools is still happening 5 weeks later. 

Of course I'm sure that this info won't sway your opinion one bit.  Keep digging in your cookies and hopefully you'll find the very thing that Yahoo needs.  I'm sure you could sell them the info.

@tonydi Not sure you understand how it works then. That's a targeted attack against a singular or few users, using multiple hundreds if not thousands of attempts per second, YET, it stops at 6 because that's how many ATT Yahoo email allows before locking the account and no longer allowing more passwords to be entered, instead asking the user to reset passwords using either a phone number or security questions (thank GOD I remember my security question answers!). And I NEVER receive any random texts giving me the code for resetting my password. I've only ever received one official email telling me my email has been attempted to be broken into, in my entire decade+ of using it, meaning someone failed the security questions.

On TOP of that, like I keep saying, it happens instantaneously. And when I say thousands of users, I'm thinking closer to 100,000 users that this is happening to. Yes, Yahoo ATT email has more than that many users, and yes, they are all having problems with it. LITERALLY EVERYONE who uses the ATT Yahoo is having trouble with either the logout error, too many login attempts error, or more commonly BOTH. Assuming about 20% of users (and that's being extremely generous) come to the forums to complain, you'd think you'd realize just how extensive the problem is, especially after trying to explain exactly that to me before, despite me being on these forums before for years now, looking at this same problem reported by users on the daily.

This is literally outside of the realm of modern computing. You'd need a botnet industry the size of Russia, China, and India combined, state sponsored, targeting ONLY Yahoo ATT emails, constantly, 24/7, for years now, to get these kinds of results. Or, simply an error where any ATT Yahoo user gets their single correct attempt turned into 6+ failed attempts by some overflow misinputting what they type. You ever heard of Occam's Razor??

Not only that, but if this IS the problem, it would appear exactly like "bad actors" attempting to break into all these emails constantly to the point where it would be indistinguishable unless anyone INSIDE ATT or Yahoo knew exactly the problem to look for causing the overflow, or duplicate false attempt error. But which is the simpler solution? Again, Occam's Razor.

I LITERALLY JUST had to reset my password on my email to get into it, to reset my password on these forums, just to reply and tell you this. And you don't even care. You're busy being an apologist for ATT and Yahoo right now, and nothing more, due to your LOVELY awards for deflecting for them time and time again (even if you say things against them sometimes, you're still denying this could even be the problem aren't you?)

You're in denial, and don't care to see the problem fixed, but if you really think that there's even the slightest possibility that maybe Yahoo didn't inform AT&T of some change they made because of the breach YEARS AGO WHICH IS NOW PROVEN TO BE OVER, why are you still defending this position???

It boggles my mind that anyone could go this far to divert attention from the obvious problem that's EASILY fixable if anyone on the inside actually cared to look into it, but not only do they not, you're satisfied with their excuses because of your pretty little awards and guru status. Woe is the man who loses that green medallion, eh?

You know what? There are bad actors, but they're not hackers trying to break into every ATT Yahoo account. They're in ATT and Yahoo themselves, and they're all the apologists for them on these forums. You don't even get paid by the companies, do you? I'm not sure at this point. Because as much as you claim you ever so slightly doubt what they're saying, it really doesn't seem like it.

They need to look into the error on their end. And anyone who disagrees is hopelessly naive, or part of the problem either intentionally or unintentionally.

I'll tell you what.  You believe what you want because we're done here.  You and I aren't contributing anything of value at this point by taking this thread off the rails.

I admit I haven't read through the whole discussion, but the strange thing to me is that my ATT email and original settings and password work just fine on my iPhone and iPad but for a month now I cannot get the email on my desktop or laptop!  I have reset password and tried more other things than I can keep count of. Even spent an hour chatting with Microsoft, convinced that it's the Windows Mail. I cannot even get into the ATT mail account by going straight to ATT due to the password issue. Meanwhile, everything is traveling in fine on my small devices! Any thoughts on that?

@vidosc are you using the Windows Mail App or he went browser?

if the Windows Mail App, start a new thread. I have a lot of experience with that and Oauth, there are a bunch of ways Windows Mail goes wrong when authenticating to Yahoo mail.