How to Secure Your Gmail Account
In 2016, Hillary Clinton’s campaign chairman, John Podesta, had his Gmail account hacked, leading to a series of leaks just before the presidential election.
Analysis by cyber experts later found that this hacking attack could have been entirely avoided if Mr. Podesta had set up some sort of security measure to protect his Gmail account.
This attack, and many other email hacking incidents that have happened over the years, point to the need to keep your Gmail account very secure. You have to protect sensitive information in your inbox – be it your account details, proprietary business information, or legal documents.
In this guide, we detail some of the most essential steps you can take to protect the security of your Gmail.
Table of Contents
- Why Should You Secure Your Gmail Account?
- 7 Steps to Secure Your Gmail Account
- Strengthen the Security of Your Gmail Account Today!
Why Should You Secure Your Gmail Account?
Hackers use multiple methods to access your email accounts without authorization. These include phishing attacks, malware, viruses, ransomware, and spyware.
If any of these attacks are successful, hackers can immediately access your private information. Over the years, there have been multiple reports of identity thefts, credit card frauds, privacy violations, and loss of critical business information as a result of such hacking attacks.
7 Steps to Secure Your Gmail Account
Here are some preventative measures you can take to ensure your Gmail account doesn’t get hacked.
1. Use a strong password
You cannot overstate the importance of having a strong password for all your Gmail accounts. Irrespective of whether it’s a Gmail account for business or for personal use, this is your first step in safeguarding your email accounts.
But here’s the thing: most people are guilty of using simple passwords for the ease of logging into accounts. Another reason you may resort to using such passwords is for the ease of remembering them.
Another common mistake is using the same password for all your accounts. This means a hacker who has managed to steal one password now has access to all your essential information from other accounts.
Here are some best practices to keep in mind when setting a password for your Gmail:
- Set a unique password for each account.
- Refrain from using your personal name or that of your friends, family, or pets.
- Keep the length of the password between 10 and 12 characters.
- Avoid common phrases or words. Instead, try to use random combinations of letters and numbers.
- Do not write down your passwords anywhere.
- Avoid sharing your passwords with anyone.
This is an example of a strong password – B7g!2rP#vR9$KmW1. If you want to use phrases, make sure they are unrelated. Something like this – Blue!Tiger78$Mountain?
Pro Tip: If you’re having trouble remembering all your passwords, use a password manager. Password managers are software applications that generate and store your passwords securely. Some popular password managers include Bitwarden, Enpass, LastPass, and 1Password.
Steps to update your password on Gmail
- Visit myaccount.google.com and navigate to ‘Personal info’. Select ‘Password’ and enter your current password.
- You will be taken to a new page where you can change your password.
2. Enable two-factor authentication (2FA)
The surprising part about the hacking attack on Mr. Podesta in 2016 is that it could have been avoided had he set up a two-factor authentication system for his Gmail account.
2FA adds an extra layer of security to your Gmail account, aside from passwords. It operates on the logic that even strong passwords are susceptible to being compromised. Adding an extra measure of security makes it more difficult for a hacker to access your Gmail account.
Here are the different ways you can use 2FA for your Gmail account.
- Use an authenticator app: Generates one-time passwords or OTPs that change every 30 to 60 seconds. Examples include the Google Authenticator app, Duo Mobile, and FreeOTP.
- SMS code: A unique code, starting with G and followed by a sequence of numbers, is sent to your phone via SMS.
- Hardware token: A physical device is used to generate authentication codes for secure access. Hackers cannot easily bypass a hardware system to steal passwords.
How to enable 2FA for Gmail
- Go to myaccount.google.com and navigate to ‘Security’.
- Select ‘2-step verification’ under ‘How you sign in to Google’ and follow the instructions.
3. Monitor security activity
Google alerts you every time it detects suspicious activity in any of your Gmail accounts. Suspicious activity could include signing in from a new device, sending an unusual number of emails, or viewing stored passwords.
If any of these actions are detected, Google immediately sends an alert to notify you. Whenever you receive such an alert, open the page and review all the details such as device type, location, and time. If the details are unfamiliar, opt to secure your account. Google will immediately secure your account and ask you to change your password.
If the activity was yours, simply verify it: when asked whether you’re sure this activity was done by you, choose Yes.
4. Update your software
Make sure that your browser, operating system, and applications are updated regularly.
Updating your software ensures that you are protected against all the latest security threats and ensures that all safety protocols are functioning properly and efficiently.
Aside from this, software updates also include patches for any security vulnerabilities that have been discovered since the last update. Not updating your software leaves you prone to hackers, as there might be weaknesses in your Gmail system that they can exploit.
5. Remove unnecessary apps and extensions
The problem with having too many apps and Chrome extensions is that it increases the entry points for attackers.
Another issue is that most of these applications require permissions to access your data. In these instances, it is always better to have only applications and extensions that are absolutely necessary. This limits the number of applications that have access to sensitive data. Ensure that the necessary applications have security measures in place.
Moreover, the higher the number of applications, the slower your device and browser become. This can impact the performance of your security measures, once again leaving you vulnerable to hacking attacks.
Here’s how you can keep a check on the apps and extensions you use:
- Regularly review applications that have access to your account information. If you don’t recognize or use some of these applications, remove their access to your account and uninstall the apps. In case of extensions, disable the ones you no longer use.
- It’s also a good idea to review the list of connected devices that have accessed your account. Remove any unused or old devices from this list.
- Be cautious and review permission requests that come up whenever you install a new app or extension. Disable unnecessary permissions and use only what’s absolutely necessary.
- Install apps and extensions only from trusted sources such as the Play Store.
6. Protect against suspicious messages
Suspicious messages and content can be disguised phishing attacks or other types of cyber threats.
They are often sent from email addresses that look very similar to a familiar sender’s contact and can be quite misleading. They can also contain attachments or links that if clicked, can download malware onto your device.
There are plenty of instances where people have shared their personal and financial information while replying to such emails. This is why it is important to be vigilant about which emails you open and to delete or block suspicious senders.
Here are a few ways to protect against suspicious content.
- Avoid replying to emails that ask for your personal or financial information. Organizations like banks never ask for passwords since most transactions are encrypted and carried out using OTPs or codes. They don’t require you to disclose your personal information.
- Always verify the sender’s email address. Check the domain and make sure the sender’s name and email address match. Fake addresses are often characterized by misspelled company names, unfamiliar domains, random characters, and the most popular one – imitation of trusted authorities. Fake email IDs can look like this
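The sender check described above, automated over a `From:` header as an added example that is not part of the original article. The `TRUSTED` list, the digit-swap table, the edit-distance threshold of 2 and all sample addresses are constructed assumptions for illustration.

```python
from email.utils import parseaddr

# Assumption: brands you really correspond with, mapped to their real domains.
TRUSTED = {"google": "google.com", "paypal": "paypal.com"}
# Digit-for-letter swaps commonly seen in misspelled lookalike domains.
FOLD = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def check_sender(from_header: str) -> list[str]:
    """Return findings for one From: header; an empty list means nothing flagged."""
    name, addr = parseaddr(from_header)
    _, at, domain = addr.lower().rpartition("@")
    if not at or not domain:
        return ["unparseable address"]
    # The real domain, or a subdomain of it, passes the check.
    if any(domain == d or domain.endswith("." + d) for d in TRUSTED.values()):
        return []
    findings = []
    for brand, real in TRUSTED.items():
        if domain.translate(FOLD) == real or edit_distance(domain, real) <= 2:
            findings.append(f"lookalike of {real}")      # misspelled company name
        elif brand in name.lower():
            findings.append(f"display name claims {brand}, domain is {domain}")
    return findings


if __name__ == "__main__":
    samples = [  # constructed headers, not taken from real mail
        "Google <no-reply@accounts.google.com>",
        "Google Security <alerts@g00gle.com>",
        "PayPal Support <help@secure-billing.example>",
    ]
    for header in samples:
        print(header, "->", check_sender(header) or "ok")
```

A clean result only means the visible address is not an obvious imitation; the `From:` line itself can be forged, so Gmail's "Show original" view, which reports the SPF, DKIM and DMARC results, remains the stronger check.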
7. Check your backup contact details
Make sure to regularly update your backup contact details. This is because any suspicious activity will immediately be reported to you by sending alerts to your backup contact methods.
If these details are not updated, you may not receive timely updates in case of security threats.
Another scenario is that if a hacker gains unauthorized access, they may change your backup information. Regularly checking and updating these contacts is important to ensure that only you have control of this information.
Here’s how you can update your backup information in Gmail.
- Go to myaccount.google.com and navigate to ‘Security’.
- Scroll to ‘How you sign in to Google’.
- Change ‘Recovery phone’, ‘Recovery email’, and ‘Security question’.
Strengthen the Security of Your Gmail Account Today!
Securing your Gmail account is an ongoing process. You’ll need to regularly check for updates, add your latest contact information, and keep an eye out for suspicious activity and content.
These steps may take a few minutes of your time every now and then, but implementing these best practices can protect your Gmail account from cyber attacks and unauthorized access. It can protect sensitive information and important data against security breaches.