Same Day IT

Guide · stolen & lost laptops

Work laptop stolen or lost: lock it down in the next hour

Here's the short version: the laptop is a stolen key to your accounts, so cut the key first. What you do in the next hour matters far more than whether the hardware ever turns up. This guide covers the ordered first-hour checklist, why signing out everywhere beats a password change alone, and where encryption and remote wipe fit in.

Last updated 4 July 2026 · by Alien IT Solutions

Rule one: the laptop is a key, not just a thing

Left it in a cab? Bag taken from a cafe? However it happened, the single biggest rule is the same: assume whoever has it can reach your accounts. A logged-in laptop is a set of open doors into your email, your files, your saved logins and often your workplace systems. The hardware is replaceable. The access is what does the damage.

So the work of the next hour is not chasing the laptop. It is closing the doors, in order, so that even if the machine is sitting switched on in someone else's hands, it can no longer get into anything that matters.

Why a password change alone is not enough

Most people's instinct is right: change the password. That is the correct first move. But a lot of people stop there, and a password change on its own has a gap. On many services, a device that is already logged in stays logged in. Changing the password locks out anyone trying to sign in fresh, but the stolen laptop, already inside your account, can keep going.

Think of it like changing the lock on your front door while a guest is still inside the house. New visitors are stopped at the door, but the person already in the lounge room is untouched until you actually walk them out.

Walking them out is a separate button, usually called sign out everywhere, sign out all devices, or revoke sessions. That is the step that forces every logged-in device to prove who it is again, and since the thief does not have your new password, the stolen laptop fails that test. Password change plus sign out everywhere is the combination that actually works.

The first-hour checklist

Five moves, in order. Do them from a phone or another computer, not the missing one, for obvious reasons.

Change your main passwords

Start with the account that unlocks the rest: your email, because password resets for everything else land there. Then your password manager, banking and any work login. Use a device you trust, and make each new password a genuinely different one.

Sign out everywhere and revoke sessions

In each important account, find sign out all devices or revoke sessions and use it. This is the step that kicks the stolen laptop out even while it is switched on. A password change alone can leave it logged in.

Tell your workplace straight away

Your employer or their IT can suspend the account, cut off work email and lock company systems far faster than you can from the outside. Most workplaces have a set process for a lost or stolen device, so let them start it.

Remote-lock or wipe the machine

If Find My or a work management tool was switched on beforehand, use it to lock the laptop with a message, or erase it, the next time it connects to the internet. It may never come online, which is why this sits after the account steps, not before.

Triage: how exposed are you?

Three situations, three levels of urgency. Being honest about which one you are in tells you how hard to push.

! Encrypted and locked, nobody was signed in

The calmest case. If the disk was encrypted and the machine was locked at a login screen, the files are hard to reach without your password. Still change passwords and sign out everywhere, because you cannot be certain what was left open, but the pressure is lower and you have time to be methodical.

! It was awake and logged in when it went

Higher stakes. An unlocked, signed-in laptop hands over whatever was open: email, chat, files, saved logins. Move fast on the account steps, sign out everywhere on every service you can think of, and turn on two-factor authentication where it is not already on. Assume anything that was open has been seen.

! No encryption and passwords saved in the browser

The one to take most seriously. Without disk encryption, someone can read the drive directly, and a browser full of saved passwords is a ready-made list of your logins. Work through your accounts in order of what hurts most to lose, change every important password, and treat each saved login as already exposed.

Where encryption actually helps

Straight answer: full disk encryption is one of the best things you can have when a laptop walks, but it is not a force field. BitLocker on Windows and FileVault on a Mac scramble the whole drive so that pulling it out and plugging it into another machine gives someone a wall of noise instead of your files. That closes off the most patient kind of attack.

What encryption does not do is protect you from a machine that was already unlocked, or a weak login that gets guessed. If the laptop was awake and signed in, the data was already readable to whoever had it, encryption or not. And a short, obvious password is a thin gate no matter how strong the vault behind it. So encryption buys you real protection for the drive, and the account steps cover the gap it leaves.

If you are not sure whether encryption was on, assume it was not and act accordingly. It is easy to check later, and treating the data as exposed for an hour costs you nothing but a few password changes.

Reporting it, without the legal guesswork

Here's the honest part: we fix computers, we are not lawyers, so take what follows as general information rather than legal advice. Reporting a stolen laptop to the police is a reasonable step, and you may need a report number for insurance or for your workplace's records. If the theft happened at work or the laptop belongs to your employer, their policy usually sets out who reports what, so check that first.

Your workplace comes before almost everything except changing your own password. They can suspend accounts, cut off company email and start their own process for a lost device, often within minutes. The sooner they know, the smaller the window anyone has to use the machine against your work systems.

The rule we give everyone: tell the people who can act before you spend time on the people who might sympathise. Colleagues will want the story, and that can wait. The password change, the sign out everywhere, and the call to your workplace or IT are the moves that actually shrink your exposure, so spend the first hour on those.

What a calm response looks like

If you call us in on one of these, here is roughly how it goes. First we work through the account lockdown with you: email, password manager, banking, work logins, each one changed and signed out everywhere, in a sensible order rather than a panic. That closes the doors while the rest is sorted.

Then we look at the device itself: whether remote lock or wipe was available and can still be triggered, whether encryption was on, and what was likely reachable if it was not. We would rather tell you plainly that a machine was wide open than let you assume it was fine, because knowing what was exposed is what lets you change the right passwords and stop worrying about the wrong ones.

The real lesson: set the trap before the theft

Every one of these calls comes down to what was switched on beforehand. Encryption on, Find My or a management tool on, and a recent backup turn a stolen laptop from a crisis into a chore: lock it, wipe it, restore your files onto a new machine, and get on with your day. None of it can be arranged after the laptop is gone, which is the whole point. If today's scare ends with the machine unrecovered but your accounts safe, spend the relief on turning those three things on across every device you own, so the next lost laptop is a hardware bill and nothing more.

Questions people ask

What is the very first thing to do when my work laptop is stolen?

Change your main password from another device, then tell your workplace. The laptop is a stolen key to your email and accounts, so cutting the key is more urgent than the hardware. Once your work IT or manager knows, they can suspend the account and lock things down at their end while you work through the rest.

Should I report a stolen work laptop to the police?

Reporting a theft to the police is a reasonable step and you may need the report number for insurance or your workplace. We are an IT service, not lawyers, so treat this as general information rather than legal advice. Follow your employer's policy first, because they often have a set process for lost or stolen devices.

If my laptop was encrypted, are my files safe?

Full disk encryption like BitLocker or FileVault means someone who pulls the drive cannot read your files without the password or key, which is a big help. It is not a reason to skip the account steps. If the thief guesses a weak login, or you were already signed in, encryption does not stop them. Change passwords and sign out everywhere regardless.

Can I wipe a stolen laptop remotely?

Often yes, if it was set up for it before the theft. Find My on Apple devices and Find My Device or a work management tool on Windows can lock or erase a machine once it next connects to the internet. If it never comes online, the remote wipe waits and may never run, which is exactly why changing passwords and revoking sessions comes first.

What does signing out everywhere and revoking sessions actually do?

Changing a password does not always kick out a device that is already logged in. Sign out everywhere, sometimes called revoke sessions or sign out all devices, forces every logged-in session to log in again. Since the thief does not have your new password, it locks the stolen laptop out of your accounts even while it stays switched on.

The laptop had saved passwords in the browser. What now?

Treat every account with a password saved in that browser as exposed. Start with the important ones, email, banking and your password manager, and change those first, turning on two-factor authentication where you can. A stolen browser profile can hand over dozens of logins at once, so changing the master password and the key accounts is the priority.

Laptop gone right now?

Change your main password, then tell us what happened through the contact form. We'll walk you through the account lockdown in the right order and tell you straight what was likely exposed.