The invention relates to an account protection method and device, wherein the method and device are used for protecting security of an account. The method includes the keyword finding process and the account login process. The keyword finding process includes the steps of receiving a first request for obtaining an account keyword, wherein the account is bound with a terminal and an Internet communication account in advance; sending the account keyword to the Internet communication account bound with the account. The account login process includes the steps of receiving a second request for logging into the account, wherein the second request includes a user name and a keyword; sending a dynamic verification code to the terminal bound with the account; receiving the verification code sent by the terminal for sending the second request; judging whether the user name and the keyword are correct or not, and judging whether the dynamic verification code and the verification code are matched or not; allowing a user to log into the account when the user name and the keyword are correct and the dynamic verification code and the verification code are matched. By means of the technical scheme, the security of the account can be fully protected, the leakage of information of the user account can be avoided, and the use experience of the user can be improved.