How can I keep my Grammarly account secure?

We know you care about the security of your Grammarly account. So do we. To that end, here are our recommendations for keeping your account and personal information safe.

To protect your account:

Use a strong password and change it periodically 

Your password is a key piece of information that keeps your account safe. To help ensure your account stays safe and secure, we recommend using a password that is:

  • Unique to your Grammarly account.
  • At least 8 characters long.
  • A mix of uppercase and lowercase letters, numbers, and symbols.
  • Not a word in the dictionary, a name, or other personal information like a birthday, address, or anniversary.

Enable two-step verification

  1. Sign in to your Grammarly account and click Security in the pane on the left side of the page.
  2. Click Turn On. You may be asked to verify your account again by entering your password.
  3. Enter a valid phone number that can receive text messages.
  4. Click Send Code.
  5. Enter the verification code you receive via text message.
  6. Click Turn On to enable two-step verification.
  7. IMPORTANT: Please save the backup codes you’ll receive in the next popup. If you lose access to your phone, a backup code is the only way you’ll be able to sign in to new devices.

Be aware of possible phishing attempts

Phishing is an attempt to acquire your personal information by pretending to represent a website or company you trust online.

Phishers will go to great lengths to try to hijack your account or steal your personal information. They may create fake websites that look like Grammarly, or send official-looking (but fake) emails asking you for personal information.

Grammarly will never ask for any personal information in an email. This includes:

  • Payment information (full credit card number, direct debit account, PIN, etc.).
  • Social security number or tax identification number.
  • Your account password.

Be careful if you receive an email message asking you for this or any other personal information. If you're unsure about a link in an email, you can always hover over the link to see where it goes (you'll see the real, linked web address at the bottom of most browsers).

If you're still not 100% sure that the website you're on is the real Grammarly site, you can always type directly into your web browser.

Finally, if you get an email that looks like a phishing attempt, please let us know by forwarding it to Be sure to include the message header information, which can be found by using this Google article.

Keep your computer safe

In order to receive the best possible Grammarly experience, it's important to keep your computer free of malware and viruses. Signs that your computer may be infected include:

  • Unusually slow or sluggish computer performance.
  • Pop-up windows or advertisements.
  • Unexpected reboots, crashes, or freezing.

If you think your computer might be infected, you can use the anti-malware, anti-adware or anti-virus software recommended by your computer manufacturer or a trusted IT professional.

Keep in mind that malware can evolve, and other malicious programs can cause similar problems. Whichever program you choose to use, be sure to keep it updated with the latest software release.

Report security flaws to us

If you believe you've found a security vulnerability on the Grammarly website or app, we strongly encourage you to inform us as quickly as possible by submitting a report to Grammarly on HackerOne and to not disclose the vulnerability publicly until it is fixed. We appreciate your assistance, and we review all reports and will do our best to address the issue in a timely fashion.


If you have questions about the privacy of your information, please see our Privacy Statement.

Was this article helpful?
Have more questions? Submit a request
security privacy unauthorized fraud identity theft unauthorised fraudulent answer-bot