2014-02-10



Most people don’t realize how vulnerable their Gmail account is to cyber threats, which, if successful, can lead to a laundry list of potential problems. Some of our most sensitive information is stored in our email accounts. Imagine what an imposter would find if they got ahold of your password. The contacts in your address book, your schedule, confidential attachments and private conversations would all be compromised. Additionally, they may gain access to your Facebook, Amazon and other such accounts. Perhaps even more disturbing, they would be capable of sending email as you and, once logged in, could change your password and lock you out of your own account.

If your Gmail got hacked, it would be a nightmare. 

Fortunately, there are ways to dramatically improve the security of your online information. Simply follow these 5 steps:

1) Limit the apps that have access to your personal information.

Each time you sign up for an app that requires Google account authorization, you’re providing that app with access to your information. Even if you don’t use the app anymore, the information is still available to them.  To see all of the apps that are connected to your Google account, go to https://accounts.google.com/b/0/IssuedAuthSubTokens (prepare yourself, this is quite shocking).

 

This page displays the apps you’ve authorized and what information they’re allowed to see. Revoke access to all of the apps that you no longer use and any suspicious apps that are on the list. In the future, be aware of the apps that make you sign up using your Google account information; sometimes there are better options. This also applies to websites that allow you to sign up using Facebook or Twitter instead of creating an account.

If you’re uncertain how safe a website is, install Mywot on your web browser.  The Mywot extension will warn you if you’re on an untrustworthy website or exposed to any other online threats.

2) Change your password.

It’s best to change your password every few months.  You should never give your password out to anyone and if you really have to give it out, change it as soon as possible.  Treat your email as if it’s your safety deposit box. You wouldn’t give the keys to your safety deposit box to just anyone and you should be even more cautious with your email account. Go to https://accounts.google.com/EditPasswd to change your password. 

 

Creating an unhackable password: 

1) Don’t use the same password on more than one site, because if someone hacks your account, they will use that password to attempt access to your other accounts.

2) Make your password long and don’t use any words you can find in the dictionary or personal information like your street address.  If you can easily tell your password to another person, it is not strong enough. 

3) Once you decide on a new password, test it by typing it into the password meter.

For password best practices, visit our blog post: 2 Tips for a Secure Password
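The password rules above can also be checked locally. The following is an added example, not part of the original post: the word list, the 14-character minimum, the sample names and the function name `check_password` are all assumptions made for illustration.

```python
import re

# Constructed sample list; a real check would load a full dictionary file.
COMMON_WORDS = {"password", "welcome", "dragon", "monkey", "summer",
                "sunshine", "letmein", "google"}
MIN_LENGTH = 14  # assumption: the post says "long" without giving a number

# Undo common character swaps so "P@ssw0rd" is still seen as "password".
SWAPS = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a", "5": "s",
                       "7": "t", "@": "a", "$": "s", "!": "i"})


def check_password(candidate, personal_info=(), passwords_in_use=()):
    """Return a list of problems; an empty list means every rule passed."""
    problems = []
    lowered = candidate.lower()
    unswapped = lowered.translate(SWAPS)

    # Rule 1: never reuse a password from another site.
    if candidate in passwords_in_use:
        problems.append("already used on another account")

    # Rule 2a: make it long.
    if len(candidate) < MIN_LENGTH:
        problems.append(f"too short ({len(candidate)} < {MIN_LENGTH})")

    # Rule 2b: no dictionary words, even with letters swapped for symbols.
    for word in sorted(COMMON_WORDS):
        if word in lowered or word in unswapped:
            problems.append(f"contains dictionary word '{word}'")

    # Rule 2c: no personal information such as a street address.
    for detail in personal_info:
        for token in re.findall(r"[a-z]{3,}|\d{3,}", detail.lower()):
            if token in lowered or token in unswapped:
                problems.append(f"contains personal detail '{token}'")
    return problems


if __name__ == "__main__":
    # Constructed candidates and personal details, for illustration only.
    about_me = ["Jane Doe", "42 Elm Street"]
    for pw in ["P@ssw0rd2014", "ElmStreetForever42!", "vq7#Lz2!kRw9&Tfx3m"]:
        print(pw, "->", check_password(pw, about_me) or "no problems found")
```

The check runs entirely on your own computer, so the candidate password is never sent anywhere.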

3) Sign up for 2-Step Verification.

2-Step Verification is an additional layer of protection for your Gmail account. This is especially important if you look at your email on public computers. Go to http://www.google.com/landing/2step/ to set up 2-Step Verification for your Google account.

Any time you sign into your Google account from an unknown computer, Google will ask you to enter a verification code that they send via SMS, Google’s mobile app, or voice call. If it’s a computer you use regularly, there’s a box you can check so Google doesn’t ask you to complete the 2-step verification process again.

4) Find out if your email is being opened in suspicious locations

If anyone accesses your email account overseas – IMMEDIATE RED FLAG. You may think the likelihood of this happening is minuscule, but it’s good to double check. Scroll down to the bottom of your Gmail inbox page and click “details” on the right side of your screen under “Last account activity”. Once you click the link, a window will pop up (see example below).

This window shows you the various locations where your email is being opened. Make sure there are no unfamiliar places on the list. You should also change your alert preference to say, “Show an alert for unusual activity.” Then scroll to the top and click the ‘sign out all other sessions’ button.

5) Update your Gmail settings

Go to your Gmail inbox page and click the gear icon at the top right side of the screen. 

Select “Settings” and click the Accounts tab at the top. 

1) You want to make sure all the email addresses under the “Send mail as” section are emails you own and use. 

2) Once you finish that, click the General tab and scroll down to “Browser connection”.  Check to see that “Always use https” is selected.  The “s” at the end of https means there is an added layer of protection. Make sure you see HTTPS before checking your email at coffee shops and any other public places. 

3) You should also go to the ‘Forwarding and POP/IMAP’ tab. Check to see that your email isn’t being forwarded to any unknown email addresses.

Bonus Tip: If you find it really creepy that Google displays advertisements that are way too accurate on your Gmail sidebar, you can easily change this.  Just go to Google.com/settings/ads to view your ad settings. 

Once you land on this page, you can see the eerily accurate profile Google has built based on your search history. Scroll to the bottom of the page and click opt-out of interest-based ads on Google or interest-based ads across the web.

You’re done!  Just by taking these 5 steps you have greatly improved the security of your Gmail and reduced the risk of being hacked.
