Gmail remains the most popular email platform with over 1.8 billion users worldwide (source: https://techjury.net/blog/gmail-statistics/#gref). From bank statements to personal letters, and even password reset requests, your Gmail account holds an abundance of personal information. If someone were to access it, they’d effectively have access to the rest of your online identity.
While there is no reliable data on this for the current year, data breach statistics from 2018 show that over 2.5 billion accounts were hacked in that year. That amounts to roughly 6.85 million accounts getting hacked each day or 158 every second. Since cyber-crime numbers have risen since then, it is safe to assume that the number of accounts getting hacked daily has likewise increased. (source: https://review42.com/hacking-statistics/)
Securing your Google account isn’t hard, nor is it time-consuming, and it’s something that everyone who has a Google account should do. Google has done an excellent job by creating Your Google Account, which puts everything (devices, passwords, addresses, payment, etc.) in one place and makes it incredibly easy to access, control, and modify.
The purpose of this article is to educate you on actionable steps to ensure that data in your Gmail and Google Account remains safe and private. Follow these 5 steps to ensure that your Gmail security is top-notch and you are no longer at risk of being compromised.
Instead of just hoping that hackers don’t find you, take 6 minutes and secure your Gmail account right now.
1. Use a strong password and never share your password with anyone

Reusing the same password across multiple sites and services is just asking for your accounts to be hacked. All it takes is a leak or breach at one service, and hackers will begin trying to sign in to all of your accounts.
The key aspects of a strong password are length (the longer the better); a mix of letters (upper and lower case), numbers, and symbols; no ties to your personal information; and no dictionary words. The good news is you don’t have to memorize awful strings of random letters, numbers, and symbols in order to incorporate all of these aspects into your passwords. You simply need a few tricks.
Example:
- John3:16=4G (Scriptural reference)
- Pwrd4Acct-W$ (Password for a WordPress account)
To change your Google account password:
For Android:
- On your Android phone or tablet, open your device’s Settings app, tap Google, and then tap Manage your Google Account.
- At the top, tap Security.
- Under “Signing in to Google,” tap Password. You might need to sign in.
- Enter your new password, and then tap Change Password.
For iPhone and iPad:
- On your iPhone or iPad, open the Gmail app. In the top right, tap your profile picture or initial and then tap Manage your Google Account. If you don’t use Gmail, go to myaccount.google.com.
- At the top, tap Personal info.
- Under “Profile,” tap Password.
- Enter your new password, and then select Change Password.
For Computers:
- Open your Google Account. You might need to sign in.
- At the top left, select Personal info.
- Under “Basic info,” choose Password. You might need to sign in again.
- Enter your new password, and then select Change Password.
2. Enable two-step verification on your Google account.

With 2-Step Verification (also known as two-factor authentication), you add an extra layer of security to your account in case your password is stolen. After you set up 2-Step Verification, you’ll sign in to your account in two steps using:
- Something you know, like your password
- Something you have, like your phone
Steps to Turn on 2-Step Verification
For computers:
- Open your Google Account.
- In the navigation panel, select Security.
- Under “Signing in to Google,” select 2-Step Verification and then click Get started. You might need to sign in again.
- Follow the on-screen steps (enter your telephone number, select how you want to get the code, etc.).
Make sure that you’re signed in to your Google Account on an Android phone or iPhone.
For Android:
To use Google Authenticator on your Android device, you need:
- Android version 4.4 and up
- To turn on 2-Step Verification
- Download Google Authenticator and install it
How to set up Google Authenticator
- On your device, go to your Google Account.
- At the top, in the navigation panel, tap Security.
- Under “Signing in to Google,” tap 2-Step Verification. You might need to sign in.
- In the “Add more second steps to verify it’s you” section, under “Authenticator app,” tap Set up.
- Follow the on-screen steps.
For iPhone & iPad:
To use Google Authenticator on your iPhone, iPod Touch, or iPad, you need:
- The latest operating system for your device
- To turn on 2-Step Verification
- Optional for QR code: iPhone 3G and up
- Download Google Authenticator and install it.
How to set up Google Authenticator
- On your device, go to your Google Account.
- At the top, in the navigation panel, tap Security.
- Under “Signing in to Google,” tap 2-Step Verification. You might need to sign in.
- In the “Add more second steps to verify it’s you” section, under “Authenticator app,” tap Set up.
- Follow the on-screen steps.
3. Respond to security alerts

Google sends you security alerts to help prevent other people from using or abusing your account. To help Google keep your account secure, respond right away to any security alerts you get by phone or email.
You’ll get security alerts from Google when they:
- Detect important actions in your account, like if someone signs in on a new device.
- Detect suspicious activity in your account, like if an unusual number of emails are sent.
- Block someone from taking an important action, like viewing stored passwords.
Steps to review the alert activity if it wasn’t you
- On the security alert, review the sign-in details, including device type, time, and location.
- If this activity doesn’t look familiar, choose No, secure account.
- Follow the steps to help secure your account. You might need to change your password.
- Go to your Google Account.
- On the Security issues found panel, click Secure account.
If the activity was you
- On the security alert, review the sign-in details, including device type, time, and location.
- If you’re sure this activity was done by you, choose Yes.
4. Review your device

Google allows you to see computers, phones, and other devices that are currently using or have recently used your Google Account. You can check this info to make sure no one else has signed in to your account.
To review devices where you’re signed in
- Go to your Google Account.
- On the left navigation panel, select Security.
- On the Your devices panel, select Manage devices.
- You’ll see devices where you’re currently signed in to your Google Account. For more details and options (sign out, find the device, the browser the device used, time, location, date, etc.), select a device.
- Scroll down to “Where you’ve signed out.” You’ll see any devices where you’ve signed out of your Google Account in the last 28 days.
5. Manage Third-party apps

You may have signed up to a certain website using your Google credentials or installed third-party extensions/apps (created by companies or developers that aren’t Google) over time. Some of those may put your Gmail account (the gateway to multiple accounts) at risk one day.
In 2018, Google admitted that third-party apps can read your Gmail messages. Some third-party apps can even access your contacts, drives, calendar, payment details and much more, depending on the permissions granted (sometimes we neglect the conditions of service). The best practice is to always revoke access to apps you no longer use to mitigate any risks.
- An incident caused by malicious 3rd party app.
Steps to review and remove third-party access
- Go to the Security section of your Google Account.
- Under “Third-party apps with account access,” select Manage third-party access.
- Select the app or service you want to review.
- To remove the app/extension, select the app or service you want to remove and select Remove Access.
You’re done! Just by taking these 5 steps you have greatly improved the security of your Google Account and reduced the risk of being hacked.