Your AI Account : Are You the Only One Using It?

Something hit me last week, and it made me u neasy

I'd been using an AI writing tool on login credentials I borrowed from a friend during a trial period — and just never switched to my own. Last month, that friend mentioned he 'd shared the same account with three other people. My immediate thought : my conversation history ... client details ... all sitting in there .

Not a disaster . But that feeling of " I thought this was mine, turns out it wasn't" — that stuck with me.

Recently , an internal Anthropic model ( the company behind Claude) that was only supposed to be available to a small group of partners got accessed on its launch day by people in a chat group. No sophisticated h acking involved — they just guessed the URL pattern , and someone used a borrowed contractor account. Sound familiar?

This isn't just a " big company problem"

I used to think data le aks were something that happened to large corporations , not to someone like me picking up a handful of clients as a freelancer . Then I met Lena, a brand designer in Shanghai working with overseas clients. She discovered her former business partner had never stopped using their shared AI tool account — and inside it were bri efs and communication records from her current clients. She told me: "I thought ending the partnership meant everything was over. I didn't realize the account was still open ."

None of this requires a hacker. All it takes is one shared account that never got closed, or one password that's too easy to guess.

The AI tools we use — ChatGPT, Claude , or any of the wrapper products built on top of them — most of them save your conversation history. That history might contain client names, project details, draf ts you haven't sent yet. If someone else gets into your account, they can see a lot more than you'd expect.

Something you can do today: 0 cost, 20 minutes

Cost : $ 0. Everything here uses features already built into the tools .

Time : About 20 minutes the first time, 5 minutes whenever you switch accounts after that.

Technical barrier: If you can receive a verification code on your phone, you're good . No technical knowledge needed.

First step: Open the AI tool you use most, go to "Account Settings " or "Security Settings, " and look for something like " Logged - in Devices" or "Active Sessions. " Open it and kick out any device you don't recognize.

From there:

• Turn on two-factor authentication (2 FA) — when you log in, you enter your password plus a code sent to your phone. Almost every major tool has this; look in security settings.
• If you've been using a shared account, switch to your own — even the free tier works .
• Change your password to something you haven 't used anywhere else.

Not everyone needs to do this immediately . If you don 't store any client information in your AI tools , it 's not urgent . But if you do, it 's worth the 20 minutes.

Where you 're at right now — here 's what I'd do

If you're just starting out and don 't have clients yet: Build one habit now — don't b orrow other people's accounts, even for free tools . Register your own, even on the free plan . It saves a lot of head aches later.

If you already have 1– 2 clients and you 're using AI tools on their projects: I 'd spend 10 minutes today checking whether two - factor authentication is enabled on the tool you use most. It 's the lowest -effort , most direct protection available . I kept putting it off because it seemed anno ying — then I turned it on and realized it adds about 5 seconds per login .

If you 're scaling up and starting to work with a small team or contractors : The risk from shared accounts multipl ies fast at this stage. I'd give each collaborator their own account (many tools have team plans , or everyone can just register their own free account), and rev oke their access when a project wr aps up. L ena does this now . She put it simply : "It 's like collecting the key card back after a project ends . Just basic practice ."