How can I keep my Netflix account secure?
We know you care about the security of your Netflix account. So do we.
From time-to-time, we email members encouraging them to change their account passwords as a precautionary measure due to security risks. There can be a variety of triggers, such as username and password breaches at other companies, phishing schemes, and malware attacks.
Here are our top recommendations for keeping your account and personal information safe.
To protect your account:
Use a password unique to Netflix and change it periodically
Netflix accounts can be compromised through password reuse. This occurs when a Netflix user employs the same email address and password for their Netflix account as they do for one or more other services. If any of those services are compromised, the attacker can try the user’s email address and password on Netflix and take over the account. We strongly encourage you to select strong passwords that are unique to Netflix. One method to ensure your passwords are strong and unique is to use a password manager either through your browser or a third-party product.
In addition to using a password unique to Netflix to help your account stay safe and secure, we recommend using a password that is:
- At least 8 characters long.
- A mix of uppercase and lowercase letters, numbers, and symbols.
- Not a word in the dictionary, a name, or other personal information like a birthday, address, or anniversary.
We recommend that you change your password periodically. You can update your password from the Your Account page after signing in to the Netflix website, or you can simply send yourself a password reset email, text message, or voice call.
Be aware of possible phishing attempts
Phishing is an attempt to acquire your personal information by pretending to represent a website or company you trust online.
Phishers will go to great lengths to try to hijack your account or steal your personal information. They may create fake websites that look like Netflix, or send official-looking (but fake) emails asking you for personal information.
Netflix will never ask for any personal information to be sent to us over email. This includes:
- Payment information (credit card number, debit card number, direct debit account, PIN, etc.).
- Social security number for US citizens (in any form), identification number or tax identification number.
- Your account password.
Be careful if you receive an email message asking you for this or any other personal information. Netflix may email you to update this information with a link to our website, however be cautious of fake emails that may link to phishing websites. If you're unsure about a link in an email, you can always hover over the link to see where it goes (you'll see the real linked web address at the bottom of most browsers).
If you're still not 100% sure that the website you're on is the real Netflix site, you can always type www.netflix.com directly into your web browser.
Finally, if you get an email that looks suspiciously like a phishing attempt, please let us know by forwarding it to firstname.lastname@example.org. Be sure to include the message header information, which can be found by using this Google article.
Keep your computer safe
In order to receive the best possible Netflix experience, it's important to keep your computer free of malware and viruses. Signs that your computer may be infected include:
- Unusually slow or sluggish computer performance.
- Pop-up windows or advertisements while streaming.
- Unexpected reboots, crashes, or freezing.
If you think your computer might be infected, you can use the anti-malware, anti-adware or anti-virus software recommended by your computer manufacturer or a trusted IT professional.
Netflix as a company doesn't endorse or advocate specific vendors, but our Support Engineers have successfully used the following to clean up these types of infections:
- Ad-Aware (Windows): http://www.lavasoft.com/products/ad_aware_free.php.
- Sophos (Windows, Mac): http://www.sophos.com/products/free-tools/virus-removal-tool.aspx.
- Trend Micro (Windows, Mac): http://www.trendmicro.com.
- F-Secure (Windows, Mac): http://www.f-secure.com.
- Symantec (Windows, Mac): http://www.norton.com.
- Malware Bytes (Windows): http://www.malwarebytes.org/.
Keep in mind that malware can evolve, or other malicious programs can cause similar problems. Whichever program you choose to use, be sure to keep it updated with the latest software release.
Report fraudulent or suspicious activity
At Netflix, we take fraud very seriously. If you notice suspicious or unrecognized charges or unauthorized account activity, please contact us immediately so we can help you investigate.
Sign out of unused devices
If you are planning to give away or sell a device that you previously used, you should sign out of any accounts or services that you used on the device, including Netflix. If you haven't done this, and the device is no longer in your possession, you can Sign out of all devices from your My Account Page. Please note that it can take up to 8 hours to sign out of all devices.
Report security flaws to us
If you believe you've found a security vulnerability on a Netflix property or app, we strongly encourage you to inform us as quickly as possible and to not disclose the vulnerability publicly until it is fixed. We appreciate your assistance, and we review all reports and will do our best to address the issue in a timely fashion.
For more information please see our full responsible disclosure policy.
Help us provide the fastest response by directing your questions or comments to the appropriate team:
For general customer service inquiries, please contact us by visiting our help center. Our customer service agents can assist with a wide range of questions and feedback including those related to:
- Your account (including billing, fraud, and unrecognized charges).
- The Netflix website and content.
If you are a security researcher, learn more about our responsible disclosure program.
If you have questions about the privacy of your information, please see our Privacy Statement.
If you have received an email you suspect to be phishing, please forward it to: email@example.com.