Last week I wrote about how to keep your email accounts safe and today I will be going in to more detail on the subject.
Google have made it very easy to lock down your Gmail account through the use of on site settings and a few security features they have programmed into their mail service that are always on. But first lets go over a few things that everyone should be doing.
1. Keeping your password safe
We covered this the other day but it goes without saying, this is extremely important. A good password is a strong one that is not used anywhere else. To change your password you can do this by logging in and going to google.com/settings or by clicking your user ID at the top right of the page. Then just like in the picture below click Security and then Change password.
There are a few other options you will want to look at that are important to the security of your account, in the same section above there is a Recovery & alerts section. Here you can set up recovery email and phone number on the account to help you get access back into your web mail if some malicious cyber crook manages to get in. It is also a good idea to check this every month or so in case someone gets in and changes it.
If you don’t have any details in that section, fill them in now.
2. Set up Two-Factor Authentication
Google allows users to set up 2-Step Authentication (or two-factor authentication) through the settings on your account. This will set it up for ALL your Google services in one go. To start this, in the settings as above, go to Security and click Setup next to begin the process. The first step will be to authenticate your account, an SMS or voice call can be used to the mobile number you have assigned to the account. This is so that if you lose access to the authenticator you can still get back in via a phone call.
There are a few options you can do here including setting up program specific passwords (Mail on iPhones and iPads, Outlook, Mail for Mac etc.) that will stop people from getting your mail on their devices.
It is highly recommended to set up the Google Authenticator app and is very similar to how it was set up in our post on Securing your Dropbox account.
3. Check your Settings often
How often? We recommend at least once a month. The longer you leave it the more damage that could be done.
But what are we talking about? Well whenever you (or someone else) logs into your Gmail account, Google are nice enough to record the IP, location, time and how it was accessed for you.
This message shows at the bottom of EVERY page in your Gmail account. I bet you never noticed that. Click on Details and it takes you to a full list of logins.
As you can see in this list above you can see the list of logins made on the account. It shows the date, the location and what was done. Google also block access to the account when they find someone attempting to login from a country other than your own.
You should be checking these often, probably every week. Why? Because if someone gains access to your account, the log will show up here as a login and you will see that someone has gained access to your emails.
Another thing to check is the Grant access to your account settings. This allows another user access to your inbox without actually logging into your account. To check this, go to Accounts and import tab and look at the Grant access to your account section. If there are any other accounts here that you yourself did not add, then someone is trying to be sneaky and look at your emails. Remove any strange accounts and change your password if something is here. Another thing to do is set Mark conversation as read when opened by others.
You should also look under the Filters and Forwarding and POP/IMAP tabs to make sure nobody has set up a forward for your emails to another address here.
There are many dangerous people out there and there are many ways to keep your email account and all other accounts associated with it (Facebook, Spotify etc.) safe from their grubby hands. Why risk it? Remember…
- Use a good, unique password for your email account
- Setup a second line of protection with Two-Factor Authentication on the account
- Monitor all activity on the account (even if it is your own) and regularly check the settings.
By taking a little bit of time out of your day every month you can keep your identity safe online.