Download Article
Download Article
Hackers are always trying to find ways to hack into your Google account and steal your information. Luckily, Google has many tools that you can use to help keep your account secure. This wikiHow article will teach you how to keep your Google account safe from hackers.
Steps
-
Create a strong password. Don't use your name, birth date, pets or kids names, or the name of your street as your password: make it hard to guess. [1] X Research source
- A strong password will be at least 10 characters in length, but the more the better. The longer your password is, the more time it will take the hacker to crack it.
- A strong password should contain at least one of each of the following characters: lower-case letters, upper-case letters, numbers, and special characters.
-
Do not use your Google password anywhere else. Create a different password for every website that you use.
- It's not enough to use the same password with different numbers at the end (e.g., password1, password2 …).
- Consider downloading the Password Alert extension if you use Google Chrome. Password Alert will warn you whenever you enter you Google Password on a non-Google site, which can help protect you from phishing and accidentally using your Google password on another site. To use Password Alert, simply download it from the Chrome store , and then follow the onscreen directions.
Advertisement -
Consider Using a password manager. As you create more accounts and passwords, it'll likely be difficult to remember them all. There are many good password managers available that will encrypt and safely store your passwords, such as 1Password, LastPass, and KeePass .
- You might have a password manager built into your operating system — for example, Mac users have keychain available to them for free.
- If you don't want to use a password manager, consider using a passphrase, for example: “I like big butts and I cannot lie!” might become iLbBaIcL!
-
Avoid sharing your Google password with anyone. Even people you trust, like your friends and family, might accidentally share your password with someone you don't trust.
-
Only log in on trusted computers. If you are using a computer that you don't know or trust, then don't even log into your account. Hackers commonly use key loggers on computer systems that record everything you type, including passwords.
- If it's not possible for you to avoid typing a password into a computer you don't trust, then change your password once you're back at your own computer.
Advertisement
-
Visit myaccount.google.com . You may be asked to sign in with your Google account if you aren't already.
-
2Click the "Security" tab. It's on the left side of the page.
Advertisement
-
Enable two-step verification . Two-step verification makes sure that even if a hacker guesses your password, then your account will still be safe. Every time you log in from a new device, you will get a code or notification from Google that you will have to enter or approve in order for the sign in to be successful. [2] X Expert Source Mitch Harris
Consumer Technology Expert Expert Interview. 16 July 2021.- Google prompt is the most secure method of two-step verification, while an authenticator app is somewhere in the middle with voice or text message being the least secure (although any of these methods would be more secure than not having two-step verification at all).
EXPERT TIPTechnology SpecialistBrandon Phipps is a Technology Specialist based in Bakersfield, CA. He is the owner of Second Star Technologies and specializes in Managed IT Services for small and mid-sized businesses in Bakersfield, CA. With over 23 years of experience, he offers expert cloud computing, cybersecurity, and network management solutions. Brandon is a committed community member and coach who leads and innovates in tech and sports coaching. His dedication to local businesses and communities is evident in his hands-on, tailored approach to IT solutions.Enable two-factor authentication on all your digital accounts. That applies to all your personal accounts, business accounts, finances, client information, and productivity apps. Two-factor authentication protects your sensitive data from unauthorized parties and reduces the risk of security breaches.
-
2Regularly check your account activity. Google keeps a log of all major security events on your account and allows you to view them. The log will show the changes and the location of where the changes were made. If you click on the event, then you can see more information about it, such as the IP address of the computer that made the change, the device that was used, and a map of the location. [3] X Expert Source Mitch Harris
Consumer Technology Expert Expert Interview. 16 July 2021.- If you see something that you don't recognize, then you should change your password immediately.
-
3Review your app passwords. Delete app passwords that you no longer use to make it harder to hack into your account. If you use an app that requires an app password, then you should look into other services or apps that don't require app passwords, as app passwords can allow hackers to bypass two-step verification. [4] X Research source [5] X Research source
- If you don't have any app passwords, then you can skip this step.
-
4Choose a secure PIN. Some Google services, like Google Pay, allow you to set a PIN that you can use to verify your identity. When you chose a PIN, use a completely random number. Don't use your birth date, home address, part of a phone number, or any other number that can be linked back to you.
- Your account may not have an option to set a PIN.
-
5Add a recovery phone and email. Adding recovery phone or email allows you to gain access to your account in case you ever forget your password. It can also allow you to take control of your account back from the hacker.
- Make sure that you only use an email address or phone number that you control, don't use the ones of friends or family. Even if you trust your friends or family, their account could be hacked, or phone stolen, which would then put your account at risk.
-
6Review the devices that are signed into your account and check third-party app access . Reviewing these areas on your account will allow you to make sure that only your current devices and services have access to your account. Make sure to remove any old devices and accounts that you don't use anymore. If you see something that you don't recognize, then you should immediately remove it and change your password. [6] X Expert Source Mitch Harris
Consumer Technology Expert Expert Interview. 16 July 2021.
Advertisement
-
1Go to myaccount.google.com . You may be asked to sign in with your Google account if you aren't already.
-
2Navigate to the "We keep your account protected" header. Click on the “Get started” link.
- You can directly access this page by visiting myaccount.google.com/security-checkup on your browser.
-
3Wait for the results. If your account is safe, then you will see a “No issues found” message.
-
4Review the results. You can review the Recent security events , Sign-in & recovery , Third-party access and Your devices from there. Click on each option to view more details.
- If any issues are found, then follow the recommended action to secure your account.
Advertisement
-
1Disable POP3 and IMAP access if you don't use it. POP3 and IMAP are communication methods that some email programs use to access your email. However, these methods to access your account can create a security risk because they bypass two-step verification. If you don't use an app the requires IMAP or POP, then you should disable them.
- To disable POP3 and IMAP access, navigate to Gmail, and then click on the settings gear in the upper right corner, click "settings", and then select the Forwarding and POP/IMAP tab. Once there, select the disable option for both services, and then click on Save Changes
- The Mail app on Windows 10 and the Gmail app on your phone should continue to work even if POP3 and IMAP are disabled.
-
2Set up Inactive Account Manager. Inactive Account Manager is a feature that makes sure that your Google account will be deleted or that access will be given to somebody else that you trust if you ever are unexpectedly unable to access you account. It's a good idea to set up Inactive Account Manager so that if you are unable to access your account, or if you forget about it, then your account will still be taken care of and your data will be safe.
-
Avoid spam emails . Spam emails are annoying, but they can also be dangerous. Don't click on any links in spam emails and avoid even opening emails in your spam folder.
- Gmail also allows you to block emails from specific email addresses that you do not trust or want to hear from.
- Know how to spot a scam. If you suspect a phishing email, then report it
. To avoid getting phished, beware of the following:
- Messages with poor grammar, spelling, and typos.
- Messages asking for your personal information such as your credit card info, driver's license, social insurance number, date of birth, etc.
- Messages claiming that your account will be deleted unless you give out your password.
Advertisement
-
Use up-to-date anti-virus software. Anti-virus software helps keep your computer secure by preventing, detecting and removing malware. There are several free anti-virus programs available online (popular ones include AVG Antivirus and Sophos). If you don't already have one, download one now, ensure that it's kept up to date, and run scans regularly.
-
Keep all software up to date. In particular, ensure that your browser and operating system are updated.
-
4Set a device password or screen lock. Setting a password on your device will help make sure that your Google account will stay safe even if your device is stolen.
Advertisement
Expert Q&A
Search
-
QuestionWhat is the meaning of two-step verification?Mitch Harris is a Consumer Technology Expert based in the San Francisco Bay Area. Mitch runs his own IT Consulting company called Mitch the Geek, helping individuals and businesses with home office technology, data security, remote support, and cybersecurity compliance. Mitch earned a BS in Psychology, English, and Physics and graduated Cum Laude from Northern Arizona University.Two-step verification uses both your password and a second device to secure your account. After you log in, Google will ask you to verify your login with your email or phone. This way, if a stranger logs into your account, they won't be able to get in.
-
QuestionShould I change my password if I get hacked?Mitch Harris is a Consumer Technology Expert based in the San Francisco Bay Area. Mitch runs his own IT Consulting company called Mitch the Geek, helping individuals and businesses with home office technology, data security, remote support, and cybersecurity compliance. Mitch earned a BS in Psychology, English, and Physics and graduated Cum Laude from Northern Arizona University.Definitely! You should always change your password after you notice a strange log-in attempt, even if you have two-step verification turned on. Someone clearly knows your password if you're getting notified about log-ins.
-
QuestionHow do you know POP3 gives data to a hacker?R2_d2000Top AnswererPOP3 can allow a hacker to access your Google account because it bypasses two-step verification. However, it will only allow hackers to access your email, and you still need the account password to access data through POP3. If you use a program that requires POP3, then just make sure that you have a secure password and you should be fine.
Ask a Question
200 characters left
Include your email address to get a message when this question is answered.
Submit
Advertisement
Tips
- Consider changing your password and PIN every 6-12 months.Thanks
- If using a public computer (for example, a library computer), make sure to sign out each time you are finished with your session.Thanks
- It's a good idea to do the security checkup at least once a year.Thanks
Submit a Tip
All tip submissions are carefully reviewed before being published
Name
Please provide your name and last initial
Thanks for submitting a tip for review!
Advertisement
References
- ↑ https://support.google.com/accounts/answer/32040
- ↑ Mitch Harris. Consumer Technology Expert. Expert Interview. 16 July 2021.
- ↑ Mitch Harris. Consumer Technology Expert. Expert Interview. 16 July 2021.
- ↑ https://www.computerworld.com/article/1414300/application-specific-passwords-weaken-google-s-two-factor-authentication-researchers-say.html
- ↑ https://www.howtogeek.com/199804/warning-your-%E2%80%9Capplication-specific-passwords%E2%80%9D-aren%E2%80%99t-application-specific/
- ↑ Mitch Harris. Consumer Technology Expert. Expert Interview. 16 July 2021.
- ↑ https://support.google.com/accounts/answer/46526?hl=en
About This Article
Thanks to all authors for creating a page that has been read 43,653 times.
Advertisement