I’m going to make some guesses about what might have happened here, and might have happened previously, from some common patterns from these cases…
If perchance you have been re-using passwords across various apps and web services, this is the expected and typical outcome.
You probably also don’t have two-factor authentication enabled on your Apple ID, as that blocks unrecognized devices without a second confirmation from a trusted device.
If some or all of that happened here, then presumably one of those services has been breached, and so the miscreants will then use the username and password pairs from that breach against every other web service around, including trying the pair as an Apple ID.
Unique and robust passwords are important. As is having two-factor enabled. As is having current trusted contact info associated with the Apple ID.
Passwords on your password reset paths are also important. If the miscreants have access to a password reset path password, then they can trigger and approve the password change themselves. This might be a mail server, or the PIN code on a cellular provider account, or physical access to a terrestrial telephone line, for instance.
As for the password-reset immediate issue, regaining control of your Apple ID is the priority: "If you think your Apple ID has been compromised" (Apple Support)
Others have referenced reviewing your list of trusted devices, and you will want to enable two-factor authentication if not already enabled, verify your trusted contact info, and use unique and robust passwords.