Account security

  • Avoiding Scams or Phishing Attempts

    The safety and security of our community is important to us, and we have invested in technologies and skilled personnel to address current threats. As fraudsters and scammers continue to develop new methods, it's important to be aware and to be careful.

    If you see something on Udemy that you think might be a scam, learn how to report abuse on the Udemy platform.

    Common scams

    Employment scams: Scammers who promise a false position at a company, but require the victim to purchase a Udemy course off-site for training or provide some other up-front payment before securing the role. 

    Subscription resellers: Email scam campaigns that are fraudulently designed to appear as a Udemy-branded email, offering a lifetime subscription for a one-time payment. 

    Avoiding off-site solicitation or scams 

    Below are some additional guidelines to follow as a means to avoid off-site solicitations or scams. If you ever have any questions regarding the legitimacy of a communication that purportedly is from Udemy, please feel free to contact us at any time at policy@udemy.com.

    • Udemy does not direct learners off-site to collect payment through third-party payment services, such as PayPal.
    • If you receive an email message purporting to be from Udemy, make sure to check the email header to confirm that the sender is using an @udemy.com address. Udemy does not use generic email domains, such as @gmail.com, to send emails.
    • You should not reply to or click on any links contained in email messages not from a Udemy domain.
    • Udemy is not affiliated with any hiring process that requires course enrollment as a condition of employment.
    • The best way to apply for jobs at Udemy, Inc. is through our careers site at https://about.udemy.com/careers/.
    Read article

  • How to Resolve Issues Receiving Udemy Emails

    This article outlines steps you can take if you are not receiving emails from Udemy to the email address you have registered with your Udemy account.

    Why is it important to receive account-related Udemy emails?

    In addition to important confirmation emails that Udemy sends related to course and subscription enrollments, certain login and security functions may require you to enter information that is emailed to you. For example, verification codes for passwordless login and multifactor authentication, or notifications for password resets, are sent to the email address registered for your Udemy account.

    These types of notifications are different from instructor or promotional emails that may be sent to you. Learn more.

    How to help ensure you can receive or review Udemy emails

    If you are not receiving Udemy emails to your email account as expected, or you’re concerned you are not receiving them, please follow the steps below.

    • Check the registered email address: Ensure you’re checking the right email inbox linked to your Udemy account. Learn how to identify your registered email address.
    • Check spam or junk folders: Search your email’s spam, junk, or promotions folders for emails from no-reply@e.udemymail.com, or search for the subject line "Here’s the 6-digit verification code you requested."
    • Review email filters: Ensure that no filters or rules are blocking Udemy emails through your email provider.
    • Add Udemy to the safe sender list: Add no-reply@e.udemymail.com to your email provider’s allowlist.
    • Using a work or school email?: Contact your IT team and ensure emails from udemy.com and e.udemymail.com are allowed.
    • Check your email storage: Make sure your inbox isn’t full, as this can block new emails. If your email storage is at capacity, please reach out to your email provider for further assistance.
    • Try social login: If available in your region, you may be able to use Gmail, Apple, or Facebook with the same email, in order to try logging in with a social login.
    Read article

  • Phone Number Sign Up and Log In: Frequently Asked Questions

    This article addresses common questions and provides troubleshooting instructions for signing up or logging in to Udemy.com or the Udemy mobile app using a phone number.

    Please note: If you are using a phone number to sign up to Udemy, after you verify your phone number, you will also be required to enter an email address to complete the registration process.

    Table of contents

    Frequently asked questions

    Troubleshooting 

    Frequently asked questions

    How do I sign up to Udemy with a phone number?

    When creating an account on Udemy.com, depending on your region’s availability, you will have the option to add a phone number for added security. Please enter your complete phone number, including the area code.

    You will then receive a 6-digit verification code through Short Message Service (SMS). Please enter the code to complete the sign-up process.

    How do I log in using my phone number?

    When logging in to Udemy.com or the Udemy mobile app using your phone number, you'll receive a 6-digit verification code through Short Message Service (SMS). 

    To complete your login, enter this code in the designated space on Udemy.com or the mobile app. Please ensure you use the latest code, which should arrive within a few minutes.

    How do I change or remove my phone number in my account?

    After logging in to your account, please access your account settings page. Then, click on the edit icon next to your phone number.

    You can input a new phone number to update your account or select Delete to remove your phone number from your account entirely. Please enter the confirmation code sent to your phone to verify this change.

    If you can no longer access notifications or messages for your phone number, please review the troubleshooting instructions below. 

    Can I add the same phone number to more than one account?

    No. To maintain the security and recovery of your account, each account must be associated with its own unique phone number. 

    Can I use a landline or verify my account through a phone call?

    Unfortunately, verification can only be completed through Short Message Service (SMS), depending on availability in your country. 

    As codes cannot be verified over a phone call, landlines are not supported at this time. 

    Will I be charged for a Short Message Service (SMS) code?

    Charges for receiving Short Message Service (SMS) for verification may vary based on your location and mobile plan. Typically, standard messaging rates will apply. 

    We recommend reaching out to your mobile provider to confirm any potential costs before using this feature.

    How does Udemy store my phone number?

    Like other account data, phone numbers are stored in Udemy’s secured virtual private cloud environment. Additional information about Udemy’s personal data handling practices can be found in Udemy’s Privacy Policy.

    Why do I have the option to sign up for WhatsApp notifications?

    Depending on your region, you may have the option to sign up for marketing notifications via WhatsApp.

    Can I choose to receive a code through WhatsApp instead of Short Message Service (SMS)?

    No, as mentioned above, WhatsApp is only available to receive marketing notifications in eligible regions.

    For issues with your WhatsApp account, please reach out to WhatsApp Support for assistance.

    Is phone number sign up and log in available in all regions?

    Currently, the option to sign up or log into Udemy using a phone number is not available in all regions. If the option is available in your region, you will be able to access it on the login pages as shown above.

    Troubleshooting 

    Didn't receive a verification code

    If you haven’t received your verification code after a few minutes, here are some additional troubleshooting steps you can take.

    • Network signal: Please ensure you have network coverage and a stable signal on your mobile device. 
    • Verify number: Double-check that you entered the correct phone number for your account.
    • Restart phone: Rebooting your phone could resolve the issue.
    • Check with your provider: Make sure you’re not having any issues with your mobile service provider.
    • Resend code: You can ask to resend a code up to ten times per hour. 

    If the problem persists, we recommend signing in using your email address.

    The verification code does not work.

    If you're encountering a Failed error message during login, please make sure you're entering the most recent code sent to your device. You can request up to ten codes per hour. 

    If you continue receiving a Failed error message, please use your email address to sign up or log in to your account. 

    Seeing a "maximum attempts reached" error.

    Once the maximum number of verification code attempts is reached, your account will be temporarily locked. You’ll need to wait at least one hour from your last attempt before trying again. 

    Cannot access account through phone number

    If you are unable to access your account by phone number, we recommend using an email address you shared during the sign up process to log in to your account. 

    If you are not able to access the email address that is registered with your Udemy account, learn how to submit a request to change your email address.

    Received a text verification code for a login attempt I did not initiate.

    If you received a verification code message for a login you did not initiate, please follow these steps to secure your account

    Please note: We recommend contacting Udemy Support immediately for the following issues:

    • You encounter a notification advising you to contact support if you don't recognize the activity.
    • If the email address or phone number you have registered with Udemy has been changed in your account, and you can’t initiate a password reset.
    • You received notifications about purchases you don’t recognize on Udemy.

    Changed or lost my phone number

    If you have changed your phone number, we recommend logging in using the email address associated with your account. Once you have logged in, you can update your phone number in the account settings.

    If you are having trouble with your email address, learn how to troubleshoot common login issues

    I have multiple Udemy accounts that I would like to combine. 

    Learn how to submit a merge account request.

    Read article

  • Enabling and Troubleshooting Multi-factor Authentication (MFA)

    You can further enhance the security of your Udemy account and help prevent unauthorized access by enabling our multi-factor authentication feature (MFA). 

    This article outlines how you can enable the MFA feature and log into your account.

    Table of contents

    When does Udemy use multi-factor authentication (MFA)?

    Udemy uses MFA to verify your identity for tasks that require you to enter a password, such as changing your email.

    In these cases, if you have MFA enabled, Udemy will email you a 6-digit code to double-check your identity. MFA can greatly reduce identity theft and unauthorized access to sensitive information in your account.

    What's the difference between MFA and passwordless email authentication?

    Multi-factor authentication

    MFA is a second form of verification that Udemy uses to verify your identity for tasks that require you to enter a password. Udemy may prompt you to use MFA when:

    • Changing your email address, if you have a password associated with your account. 
    • Changing your password with the help of Udemy support.
    • Accessing links sent to you from Udemy support.

    Passwordless email authentication

    Passwordless email authentication is a way to verify an account holder’s identity without using a password. With passwordless email authentication, a 6-digit code is sent to your email inbox, which needs to be entered to complete the sign-up or login process.

    • Note: Passwordless email authentication is the default method for logging in to Udemy and it’s not possible to disable it or to log in with a password instead.

    How to enable MFA in your account

    Note: Enabling this feature will sign you out anywhere you’re currently signed in.

    To enable MFA: 

    1. At the top right of the page, move your cursor to your initials or profile image. 
    2. In the dropdown menu, click Account settings.
    3. Under Mobile-factor authentication, click Enable.
    • Note: Passwordless email authentication is the default method for logging in to Udemy and it’s not possible to disable it or to log in with a password instead.

    Can I disable MFA in my account?

    While we strongly recommend that MFA be enabled to help ensure continued security on the Udemy platform, you can disable MFA for your Udemy account by navigating to your Account settings and clicking Disable.

    Note: This action will only disable MFA, and not passwordless email authentication. Passwordless email authentication is the default method for logging in to Udemy and it’s not possible to disable this for your account.

    Troubleshooting issues with MFA

    Note: This section provides tips for troubleshooting issues with MFA. For help troubleshooting issues with passwordless email authentication for login, see tips for troubleshooting login and email issues.

    I can’t access the email address that’s registered with my Udemy account to retrieve the 6-digit code

    I don’t know what email address is registered to my Udemy account

    See instructions for checking what email address is registered to your account.

    I can’t locate the 6-digit code in my email 

    If you can’t locate the email containing the verification code:

    1. Review these troubleshooting steps for resolving issues receiving Udemy emails.
    2. After completing the troubleshooting steps, wait at least 15 minutes before resending a verification code, as there may be a temporary delay with deliverability.

    “Code used before” error message

    If you encounter the error message “This code has been used before. Please wait for a few minutes and retry with another code”, follow these troubleshooting steps:

    1. Ensure that you initiate and retrieve your 6 digit code from the same device and browser.
    2. Attempt the action again to initiate another code. 
      • Ensure that it has been at least 5 minutes since your last attempt.
      • If you’ve initiated multiple codes, ensure you’re using the most recent code that was sent.
    Read article

  • How to change your email address or password on a browser

    This article provides instructions for changing the email address or password associated with your account on a browser. 

    Note: Passwords are no longer used for logging in to Udemy.

    • If you originally created your account using a password, you’ll now use passwordless email authentication with a 6-digit code to log in to your account instead. 
    • If you created your account without a password, you don’t need to create a password and will use passwordless email authentication with a 6-digit code to log in to your account.

    For more information:

    Table of contents

    Change your email address on a browser if you have a password

    If you previously created a password for your account, and want to change the email associated with your account, log in to Udemy and complete these steps:

    1. At the top right of the page, move your cursor to your initials or profile image. 
    2. In the dropdown menu, click Account settings.
    3. Click the pencil icon next to your current email address.
      • Note: You may be prompted to enable multi-factor authentication (MFA). Follow the instructions on screen to enable MFA before continuing with these steps. See steps for enabling MFA.
    4. Enter your new email address and current password, and click Verify my new email

    Change your email screen on browser

    5. You’ll receive an email to your new email address with a 6 digit code. Enter this code and click Update your email to complete your email change.

    6-digit code for browser

    Change your email address on a browser if you don’t have a password

    Important security note: If you change your account’s email address, any credit card information you have saved in your account will be deleted. Learn how to add or delete cards in your account.

    If you signed up to Udemy using passwordless email authentication, and want to change the email associated with your account, log in to Udemy and complete these steps:

    1. At the top right of the page, move your cursor to your initials or profile image. 

    2. In the dropdown menu, click Account settings.

    3. Click the pencil icon next to your current email address.

    4. Enter your new email address and click Verify my new email.

    Change your email with a 6-digit code

    5. You’ll receive an email to your new email address with a 6-digit code. Enter this code and click Update your email to complete your email change.

    6-digit code for browser

    How do I change my email address if I’ve forgotten my password?

    If you’ve forgotten your password, and need to change your email address, contact Udemy support for assistance.

    How do I change my email address if I don't have access to the email address?

    If you’re unable to access the email address that’s registered with your Udemy account (for example, you no longer have access to the email address or a typo was made in the email address when you signed-up to Udemy), you can submit a request to our team to associate your account with a new email address. 

    • Note: The email you wish to change to must not be registered to a Udemy account. If you already have a Udemy account with the other email address, see how to submit a merge account request instead. 

    In order to submit an email change to our team for existing Udemy accounts, provide the following information when contacting our team. 

    1. Account ownership verification

    In order to verify your ownership of both accounts, our team requires proof of purchase for any of your courses in the account that will be merged into your primary account.

    This can be in the form of:

    • a bank statement showing the purchase OR
    •  an enrollment email you received upon purchase

    You can also provide a screenshot of either of these two options.

    Note: As an additional security precaution, screenshots of the purchase history page won't be accepted.

    2. Email addresses

    Provide both of these email addresses:

    1. The email address you can't access, which is linked to your Udemy account.
    2. The new email address you'd like to use, that isn't associated with any Udemy account.

    Once you have the information below to provide to our team, contact support to begin the email change process.

    How to change your password on a browser

    If you originally created your account using a password, and would like to change the password:

    1. At the top right of the page, move your cursor to your initials or profile image. 
    2. In the dropdown menu, click Account settings.
    3. Enter your Current password and your New password.

    Change password on browser

    4. Click Change password to save your new password.

    How can I change my password if I’ve forgotten my current password?

    If you’ve forgotten your password, please reach out to Udemy Support to request a password reset. 

    Please note, it’s no longer possible to log into Udemy using a password. See instructions for logging into Udemy with passwordless login.

    Read article

  • Keeping Your Account Secure

    Udemy has security protocols in place to help keep your account secure, but there are several things you can also do to protect your account, and dramatically reduce the likelihood of it being compromised.

    Create a strong password

    Note: If you signed up to Udemy using passwordless email authentication, your account doesn’t have a password and you don’t need to create one. 

    If you previously signed up to Udemy using a password, we strongly recommend you consider the following when updating your password:

    • If you’re selecting a password while accessing Udemy on a browser, passwords must be at least 6 characters long.  If you’re creating a password while using the Udemy mobile app, it will need to be at least 8 characters in length.
    • Remember that longer passwords are always better since they are harder to crack.
    • The best passwords are longer and contain a mix of letters, numbers, symbols (e.g. #, !, &), uppercase and lowercase letters.
    • Passwords should be unique to you and should not contain
      • Sequential letters or numbers (e.g. abcdefgh, 12345678)
      • Repeating letters or numbers (e.g. dddddddd, 88888888)
      • Words that are commonly used in the dictionary or across the internet
      • Words related to our site (e.g. “udemy”)
      • Your own name or email address, or words you might use on your social media accounts like your location or favorite team
      • Don’t use obvious numbers (for example, don’t use numbers that are in your birthday or phone number)
    • Create a unique password for each account and service you have, rather than using the same password for each site, especially if there have been security breaches with those passwords. This way if one of your accounts is compromised, then that password can't be used to gain access into your other accounts.
    • Rather than creating your own complex password, use a browser plug-in, system keychain, or third-party password manager to create and store complex passwords.

    Change your password periodically

    We also recommend changing your password periodically, as this is another great way to keep your account secure. When you do change your password, we recommend creating a new one, rather than using a password you’ve already used.

    Learn how you can change your account’s password.

    More tips to protect your account

    In addition to selecting a strong and unique password, there are several other simple ways you can protect your account, and greatly reduce the likelihood of it being compromised.

    • Enable MFA for your account.
    • If you’re accessing your Udemy account from a public or shared device, be sure to log out of your account when you’re finished studying.
    • Always log in at https://www.udemy.com/. Check the URL of the page before you enter your login info if you're unsure. In addition, you can also type https://www.udemy.com/ directly into your browser.
    • Do not write down or store your password in your files or online accounts.
    • Do not share your Udemy account or account credentials with others.
    • If a computer or mobile device you used to access your Udemy account is lost or stolen, use another device to initiate a password reset email. Learn how to reset your password.​

    For information on what steps you should take if you believe your account was compromised, review this troubleshooting article.

    Read article

  • Compromised Accounts: Troubleshooting & Help

    This article includes common explanations for mistaking that a security breach has occurred, as well as steps you can take to secure your account, if you believe it has been compromised. 

    Note: We recommend contacting Udemy Support immediately if:

    • You encounter a notification advising you to contact support if you don't recognize the activity.
    • The email address or phone number you have registered with Udemy has been changed in your account, and you can’t initiate a password reset.
    • You received notifications about purchases you don’t recognize on Udemy.

    Table of contents

    Issues commonly mistaken for account compromises 

    I can’t log in to Udemy

    1. Have you entered the correct email address? See how to check your account’s email address
    2. Have you entered the correct 6-digit code?
      • Double check you’ve entered the 6-digit code correctly.
      • If you’ve initiated multiple codes, ensure you’re using the most recent code that was sent.

    I received a password reset email I didn’t request 

    To help ensure the security of accounts, password resets may be initiated by Udemy. The email will explicitly state that Udemy has reset your password as a precautionary measure, and this doesn't indicate that your account has been compromised. When Udemy initiates a password reset we send a notification from the following email address: no-reply@e.udemymail.com

    udemy_change_your_new_password.png

    I can't find my course(s)

    Review troubleshooting steps you can take to locate your missing courses.

    How to protect your account

    Udemy has security protocols in place to help keep your account secure. Accounts can become compromised, however,  if an individual has gained access to your login credentials through fraudulent activities, like for example, a phishing scam.

    If you encounter any of these issues, follow the steps in this section to help protect your account: 

    • You received an email indicating that your email address or phone number has been changed, but you didn’t make this change.
    • You were notified that your password has been changed without your consent. Note: This is different from a Udemy password reset notification.
    • Your account information, such as your name or credit card, has been changed without your knowledge.
    • Unrecognized activities, such as direct messages or Q&A comments, have been made from your account.
    • You received a 6-digit code for a login attempt you didn't initiate.

    If you use passwordless email login

    1. Try logging in through a code sent to your Udemy email. Learn how to log in to Udemy.
    2. Once logged in, follow the steps in this article to keep your email account secure.
    3.  If you have concerns regarding the email address associated with your account, consider completing an email change. Learn how to change your account’s email address on a browser or on the mobile app
    • Note: You may be prompted to log out of your account when attempting to complete an email change, and will only be able to confirm the email change once you are able to log in successfully.

    If you use Apple, Facebook, or Google login

    1. If you previously signed up for Udemy using Apple, Facebook, or Google, please contact the support team of the corresponding platform (Apple, Facebook, or Google) to secure your account there.
    2. Once logged in, follow the steps in this article to keep your email account secure.
    Read article

  • Login Alert Notifications

    This article explains what login alert notifications are and when you may receive these emails from Udemy. 

    What are login alert notifications? And when are they sent?

    When our system detects suspicious or inconsistent behavior, there are a few ways our system will respond, including sending an alert notification to confirm if a login was authorized by you. For example, if our system detects a login from a new device, or a login in a new region, Udemy will send you an alert notification to let you know.

    What do the login alert notifications say?

    The emails Udemy sends will come from the no-reply-alert@e.udemymail.com email address, and include a subject line noting that it is a login alert notification. The notification will include what browser and operating system the login was detected on, and the time it happened, according to our systems/records.

    What should you do if you believe your account was accessed by someone else?

    If you receive an alert notification for a login you didn’t initiate, and you suspect your account was accessed by someone else:

    • If you have a password associated with your account, change your password immediately.
    • If you don't have a password associated with your account, your email account may have been compromised. We recommend contacting your email provider (for example, Gmail or Outlook) for assistance.

    Review additional steps you should take if you believe your account has been compromised.

    Read article