However for some folks their GMail account assumes more importance since its their identity across all Google services like Google Adsense, Analytics, YouTube, Wave, Buzz and many others. If your GMail account gets hacked, the hacker would have access to all your data on all the services.
As the saying goes – Precaution is better than cure, we look at a few tips that would help you safeguard your GMail account.
Gmail Account Safety Tips:
No security is foolproof, but we can take proper steps to make sure we follow best practices for information security. This would go a long way in keeping our important personal information safe on the internet.
1) Keep the “Always Use https” option “ON”:
Google understands that using https improves the security of your accounts, especially when you are using a Public Network. When your GMail account uses https, no one can eavesdrop on your login information or email contents. You can enable the option for your GMail account by going to Settings > General > 5th Row:
We have previously written about “Why You should always use https” and “How To Automatically Enable https in Firefox”. Both these articles outline how a https connection keeps your identity information safe on the internet.
2) Check Your IP Login Session Information Regularly:
If you scroll down to the bottom of your GMail account page, you would see a link next to “Last Account Activity” that shows details about the activity happened on your account.
When you click on “Details” it shows important information about activity on your GMail account like – where it was accessed from (browser, mobile etc) – what was the IP address of access and the time and date it was accessed.
As you see in the screenshot above the account is regularly accessed from United States, but the latest activity happened from an IP belonging to Poland. Unless you were in Poland 2 days ago, this would indicate access by someone else.
The GMail team has implemented this awesome security feature which can really help you keep safe. Read more about it on the GMail blog here.
Note: You can add a note in your Google tasks to check for Account Activity once a week. This way you keep a tab on what’s happening on your GMail account once a week.
3) Check Email Settings and Options Regularly:
If your account is compromised, a sneaky hacker, who wants to stay undetected, can just change a small detail on your account. He can add his email address in email forwarding options in your GMail account. This way – each and every email that comes into your account is auto forwarded to him and he can use the information as he pleases.
You can change this by going to Settings > Forwarding and POP/IMAP tab. Just select the “Disable Forwarding” option.
This may seems unlikely, but it happens in many cases, where someone just wants to watch your incoming emails and replies.
If your account is compromised – Few other settings which you should check:
- Review your signature and vacation responder to make sure they are what you expect.
Settings > General > Signature
Settings > General > Vacation Responder
- Review your ‘Send mail as’ settings to make sure they are using your correct email address. Settings > Accounts and Import > Send Mail As
- Check for filters that forward or delete messages.
Settings > Filters
4) Choose A Unique Security Question:
One of the weak links to password security is the secret password recovery security question. If you post a very simple question – chances are that a person who has knowledge about you can guess the answer. So make sure you select a unique security question, to which only you would know the answer.
Review your Security Question and other recovery options.
Settings >> Accounts and Import >> Google Account Settings
Select “change password recovery options” and verify your secret question, phone number and recovery email address.
One of the best things to do – if you know other language than English is to post the security question and answer in that language. This would further complicate matters for a person who is trying to guess our secret answer.
5) Backup your Emails:
Like I said before, for a lot of people GMail is their primary account and can contain some really important emails. Under some circumstances if your account does get compromised, it’s a good idea to have a backup copy of your emails.
The person who hacks the account might just delete the emails on a whim ( I know someone who has experienced this)
So it’s a good idea to always back up you email address by the way of forwarding them to your secondary email account (check point 3 above) or downloading your emails regularly on your computer via POP/IMAP access with a Desktop email program like Outlook or Thunderbird.
The POP/IMAP way is more manual, but if you just setup a secondary account, all your emails would be forwarded there, and would be safe and backed up. You can choose any option that suits you best.
You Gmail Account Password Security:
The password is the weakest link in the security process and hence most often targeted by hackers. They would invent innovative new ways to get their hands on your password. If they get it, all other security steps are futile. So here are 5 steps to ensure maximum password security.
6) Use Unique Passwords for each online service:
More often than not we get lazy and use the same passwords for a number of services. If any one gets access to one of the service, they get access to all others, even your GMail account.
So for a secure experience always use unique passwords for your GMail account or for that matter on all your Online accounts.
7) Use KeyScrambler to protect yourself from KeyLoggers:
Keyloggers are sneaky little programs that can slip past your security software at times, if it’s a newly developed Trojan virus. They are a nightmare since they send back all information you type back to the person who wrote the virus.
So anytime you type your password, the hacker would get access to it. To protect yourself from keyloggers, KeyScrambler is a must use software. Read more about it here – “Protect yourself from Keyloggers”.
KeyScrambler is really awesome and I urge our readers to use it, as it simply renders keyloggers useless and its your 1st line of defense against them.
8] Use KeePass To Secure Your Passwords:
As we pointed out in point 6 above, using unique passwords for all services is a good idea, but how is one supposed to remember all these passwords? If you write it in a notepad, it’s easily accessible to anyone.
Your best bet is to use a Password Manager. When we talk about a desktop password manager, no other program can top KeePass Password Manager. We have already written an exhaustive KeePass Review. Check it out, you would know why its the best and why you absolutely must use it.
9) Use LastPass To Secure Your Passwords:
If you are not a fan of desktop password manager and prefer to have access to your passwords from any computer that has internet, then you can go with LastPass instead. It’s a cloud based password manager, which can be used from any Internet browser.
Read our LastPass Review and see if you prefer it over KeePass.
I use KeePass for all my Password Management needs, and LastPass for all my Social Media accounts. You can use them in tandem – or anyway that suits you best.
10) Check Your Password Strength:
If you don’t want to use a password manager, the least you can do is to check your password strength and see if the password you are using is strong. If you are using a password that is weak chances are it can be stolen via dictionary or brute force attacks.
Microsoft has a dedicated password strength checking tool – You can access it here. You can always use this tool to get an idea if the password you use is good enough. They also have some nice tips for creating good passwords, so check it out.
Thanks for taking the time to read this post and being vigilant about your security online. If you follow the above mentioned tips, you can rest assured you would have a safe and secure experience online. In today’s fast changing Internet landscape, knowledge = safety.