We have built a KOBO form and did the encryption and decryption of that form. Then gave the password and user name to whom we did the project for checking purposes. But after giving the user id and password, they changed the password and email id too without our knowledge. On all the websites or servers which we have to create an account asks for a primary email id or phone number which could not be changed. But even without any authentication now they have did so? Is there any possibility to recover that account? What should I do further?