How to prevent unauthorized use of your account
If you suspect that your account has been accessed by an unauthorized party, receive an unrecognized ‘new sign-in’ email, or observe unrecognized changes to your account, your account may have been compromised.
What does it mean for you?
Your Booking.com Extranet account has valuable information that fraudsters may try to target, such as personal information & payment details from guests. If you provided your credentials to an unauthorised 3rd party, there may be signs which signal that your Booking.com Extranet Account may have been maliciously accessed. These signs may include:
Guests receiving messages or phone calls asking for payment which do not originate from you.
Unrecognised changes in your property details (contacts, rates, availability, content, etc.).
Notification emails from Booking.com stating that your account was accessed from a new, unrecognized location.
What can I do to stay safe?
There are several ways in which you can protect your Booking.com account:
Never re-use passwords. Re-using your password for different services provides attackers with a greater chance that they will be able to access your account. For example, let’s say you use the same password for another website & Booking.com. If the other website suffers a data breach, attackers will then try to ‘validate’ these credentials on other platforms.
Password strength. It is highly recommended that when creating a password for your account, you bear in mind the following:
Minimum length should be 10 characters.
Your password should have mixed characters containing upper & lowercase letters, numerical, & special characters.
Does not contain any additional sensitive information which can be easy to guess such as name, email address, date of birth.
Make sure you always visit https://admin.booking.com. You can be sure that you’re providing your credentials on our website by checking for our certificate:
Note: The expiry date may differ as the certificate is renewed
I think my account has been maliciously accessed. What can I do now?
Follow these steps to secure your account:
Reset your email account password first, then your Booking.com account password. To reset your Booking.com account, you can do so by visiting Booking.com, clicking ‘Sign in,’ then clicking on ‘Forgot your password?’
Are you able to sign in to your account? Check all the information within your account to see if anything was changed (personal information, preferred language, reservations history).
Report it! We ask that you contact Booking.com immediately to let us know that your account may have been compromised. In order to help you and your guests as quickly as possible, your contract with Booking.com requires you to notify an actual or suspected account take-over within 24 hours.
You can do this by contacting our security team here:
Don’t forget to include all relevant details, such as suspicious new details in your account or suspicious charges on your credit card.
Legal & Security
- Why do I need to complete a Know Your Partner (KYP) form?
- Making Pulse even more secure
- What you need to know about online security and social engineering
- Online Security Awareness: Phishing
- Report a security issue
- How to prevent unauthorized use of your account
- What is 2-factor authentication (2FA)?
- Requirements and regulations around surveillance devices
- Digital event security standards
- Guidelines for room key access
- Keeping your property safe and clean
- Equipping your home property with safety devices, safety kits and emergency plans
- Protecting your home property with security devices
- Partner Liability Insurance
- Local laws and regulations
- How can I remove a property or end my partnership with Booking.com?
- My property is under new ownership. What should I do?
- Booking.com Animal Welfare Standards for accommodation partners
- Booking.com Animal Welfare Standards for experience partners
- Where can I find my General Delivery Terms (GDT)?
- Complying with European Union consumer law
- Mandatory host type (professional/private) assessment
- How does parity work?
- Our values and guidelines
- Offer transparency and clarity through simpler policies
- Our Supplier Code of Conduct
- Meeting legal requirements for tourist accommodation in French Polynesia
- Understanding Force Majeure
- Handling emergency closures
- Supporting partners in Ukraine during the war
- VAT and tax withholding legislation in Mexico
- Energy performance certificate requirements for properties in Spain