What a “new device sign-in” email means
A “new device,” “new sign-in,” or “unrecognized login” email usually means a service detected an access pattern it had not previously associated with your account. The notice is useful, but the words “new device” do not always mean that someone bought or used a physically new device.
Login.com will never ask for your password or verification code. To review a sign-in, open the service’s official app or site independently rather than using links in the email.
Why a familiar device may look new
Services identify devices using a mixture of browser cookies, operating-system details, app identifiers, network information, and prior activity. The same phone or computer can appear new after you clear cookies, reinstall an app, switch browsers, use private-browsing mode, update software, restore a device, or reset advertising and privacy identifiers.
Travel, a mobile network, a corporate network, or a virtual private network can also make the sign-in appear to come from a different place. Location labels are estimates based largely on the internet connection. A nearby city, a regional data center, or even another state can appear without the device actually being there.
How to check whether it was you
Think about what you were doing at the reported time. Did you sign in after installing an app, use another browser, connect through hotel Wi-Fi, or approve an account on a streaming device? Compare the device type, browser, approximate location, and time with your activity, but do not treat any single field as perfect evidence.
Open the service directly using its official app, a trusted bookmark, or its known main address. Look for recent activity, active sessions, signed-in devices, or security events. If the service allows it, label recognized devices and remove sessions you no longer use.
What to do when you do not recognize the sign-in
- Secure the account through the official service. Change the password to a unique one and do not reuse an old password.
- End unfamiliar sessions. Use “sign out everywhere” or remove unknown devices when available.
- Review recovery methods. Confirm the recovery email, phone number, backup codes, and multi-factor settings still belong to you.
- Inspect account changes. Look for altered profile information, forwarding rules, connected apps, purchases, payment methods, or messages you did not send.
- Secure related accounts. Change any other account that used the same password, beginning with your primary email account.
Do not approve an unexpected prompt
If the sign-in notice is accompanied by an authentication prompt, do not approve it unless you initiated the login and the details match. Repeated unexpected prompts can be an attempt to wear you down into approving access. Do not tell a caller or message sender the code displayed on your device.
When to contact the provider
Use the provider’s official support channel if you cannot regain control, if recovery details were changed, or if the account contains financial, health, employment, or identity information. Find contact details inside the official app or on the organization’s main site. Keep copies of the alert and note the time of any suspicious activity.
How to reduce future confusion
Use unique passwords, enable multi-factor authentication, keep recovery details current, and periodically remove old sessions and connected applications. A password manager can help with unique passwords, but choose and access it through its official site. Treat new-device emails as prompts to verify activity—not as instructions to click immediately.
It can also help to keep a short private note of major device changes, such as replacing a phone or reinstalling an operating system. That gives you useful context when an alert arrives later. Do not store passwords or recovery codes in that note.
Last reviewed: July 14, 2026. Location and device labels in security notices are often approximate.