Although many people use Gmail for disposable, one-time use to avoid spam, there are, according to the latest figures I could find, around 1.8 billion asset Gmail users. To put that into perspective, there are around 4.25 billion email users across all platforms and apps, so Gmail accounts for around 20% of them.
No big surprise, then, that Gmail is also a prime target for malicious actors. Unlike your work email, personal Gmail accounts tend to stay in use for years. it was launched in 2004. This creates a treasure trove of valuable data that can be used by hackers to launch ongoing attacks. Business email accounts also tend to be more secure than personal accounts by default. And then there’s the not-so-small matter of password reset requests that are usually sent to your email by default. So, you don’t have to be a cybersecurity genius to calculate the impact of your Gmail account being compromised. To access your Gmail account, hackers need to compromise your Google account. Here’s how to stop them.
How to secure your Gmail account from hackers
But that’s not all bad news because it’s pretty easy to protect your Google Account, and by extension your Gmail account, at least as well as anything else that can be secured. All you need to do is take Gmail security seriously, and I’m here to show you how.
For most people, most of the time, Google Account security comes down to two things: login credentials and two-step verification.
1. Make sure you have a unique and strong password. As I always say at this point, a password manager is your friend, both in creating that password and when it’s needed to use it.
2. Make sure two-step verification is enabled for your Google account. You may have already been prompted to do so, as Google has implemented a default activation program since late last year.
Two-Step Verification Is Your Google Account Friend, So Use It
Google offers several secondary verification options, the most convenient being a Google prompt on a different device than the one you use to sign in. So if you are on your laptop it will go to your phone and vice versa. Add an authenticator app, Google Authenticator being the default, but you can use Authy or similar as a backup. Speaking of which, write down your backup codes in case you break down elsewhere. These can be stored in your password manager, for example.
Enabling two-step verification on your Google account is a no-brainer for Gmail security
The most secure form of secondary verification is using a security key, and Google offers this option as well. Google sells its own brand, or you can use a YubiKey. If you enroll in the advanced protection program, suggested for high value accounts such as projection etc., the use of such key is mandatory.
Google Account Security Check
So that’s the data. However, there are many other layers that can be added to your Gmail security cake. The first includes what has already been said but goes deeper, but only takes a few minutes out of your day. I’m talking about a Google account security check. This will bring up recommended security actions based on your existing settings, show you which devices have logged into your account, from where and when, detail which apps you have given access to your account, and offer you the option to revoke ones you haven’t used any longer or don’t recognize, and highlight any “sensitive” Gmail settings you use.
Let Google verify your security settings for you
Google will recommend secure options
It really is a one-stop-shop security checklist and I highly recommend spending some time doing it. The part that shows devices that have logged into your account is beneficial for bright red flags regarding the security and privacy of your Gmail account. It will tell you when the device connected, the type of device and where it was. The latter isn’t as useful as the former, because it’s so easy to fake.
Knowing which devices logged into your account, when and where, can reveal misuse.
Think outside the box of Google for better security
It would help if you also thought a bit outside the Google box. By this I mean making sure your operating system is fully patched with the latest security updates. Ditto for your web browser of choice and any third-party apps you use in conjunction with Gmail. It is also recommended that you regularly check your browser’s extensions and application, deleting those that you no longer use.
#Gmail #Hackers #Targeting #Google #Accounts #Heres #Stop