Gmail security is a big one, seeing as it’s one of the most popular email providers in the world, and there’s a good chance it’s linked to other Google services you use – Drive, Calendar, Google+ – by means of your Google account.
So taking care of your Gmail account and making sure it’s not vulnerable to phishing scams, hackers, and other mishaps is as important as having a lock on your garden door. Here are five suggestions of good practice you should know about to bolster your Gmail security.
The foundation of all account security, two-factor authentication/two-step verification, should ensure that no intruder can access your account, even if they have your password. It does so by sending a code to your phone each time you try to log into your account from a new device.
To switch this on, go to this page, then click “Get Started.” Simply follow the steps, enter your phone number, then enter the verification code when prompted. Once you’ve done that, you’ll have two-step verification enabled.
On the two-step verification homepage you can set up an alternative second step if you like, choosing from the authenticator app, backup codes, and a prompt from Google instead of a texted code.
Track Activity in Gmail Account
If you’re concerned that you have a hacker snooping around in your account (if, for example, emails that you haven’t read are being marked as read), then you should check the activity information on your account to see how and when it’s being accessed.
Open your Gmail inbox, scroll all the way to the bottom of the page, then at the bottom right corner, click “Details.” This will take you through to the Activity Information screen. From here you can see everything about how your account’s being accessed, and at the bottom of the page you have an option to “Show an alert for unusual activity,” which you should select.
If you want to be on the super-safe side, at the top of the screen select the option to “Sign out of all other web sessions” to close Gmail on all devices that may be running it apart from the one you’re using.
Control Authorized Access to Google Account
It’s easy to lose track of all the apps that you allow to access certain information on your Google account, and if you’re not careful there’s a chance you’ve handed over your email information, Google contacts and so on to a dodgy app that’s passing those details onto phishing scammers and spammers.
To manage the apps that have authorized access to your account, go to this page. If there’s anything on there that’s suspicious, or you simply don’t want it accessing your info, click it, and then click “Remove.”
Change Your Password When There’s a Security Breach
Whenever we hear about massive-scale thefts of user account information, such as the PlayStation Network outage in 2011 and the eBay breach in 2014 when 148 million users’ details were compromised, it can all feel distant, like it might not affect us. Probability-wise, that may be so, but are you comfortable knowing that your current login credentials are out there, possibly ready to be used and abused by the highest bidder?
Whenever you hear about a breach like this, even if it’s unverified (such as this apparent sale of Gmail accounts on the Dark Web back in March), err on the side of caution and change your password. And make sure it’s a good password at that, or ideally a randomly generated one using LastPass or similar tool.
Check Your Settings for Email Forwarding and Delegates
Sometimes a hacker just needs to access your account once in order to continue seeing everything that you do on it. A hacker may have set up a forwarding email address for your important emails, for example, or granted themselves access to read emails on your behalf as a ‘delegate.’
To make sure this skulduggery isn’t happening, go to your Gmail account, click the Settings cog at the top right, then go to “Accounts and Import.” Check that there aren’t any emails next to the “Grant access to your account” heading, and make sure to “Mark conversation as read when opened by others” so that it’s easier to spot any illicit activity.
Then, click “Forwarding and POP/IMAP” and make sure there aren’t any forwarding addresses set up on your account. If you do spot any dodgy business here, then as well as removing any email addresses that shouldn’t be there, make sure to change your password immediately.
These are some of the ways you can ensure your safety on Gmail. There are others too, of course, and it goes without saying that you should never open suspicious emails and definitely never enter your Gmail details after clicking through on an email you’re not sure about.