Recently, Google announced its Advanced Protection Program, a security protocol designed to protect the accounts of users considered to be high-risk targets for cyberattacks, including journalists, activists and public officials. Users who wish to join the program must use a physical Bluetooth or USB key, in addition to a password, in order to sign in to their account from a computer or mobile device.
But for those users who aren’t looking to add additional hardware to the Gmail login process — and who aren’t in the middle of, say, running a political campaign — there are easier options available to increase the security of your Gmail account.
Here are seven steps you can take to strengthen your Gmail security.
Create A Strong Password
A good password is the first, most obvious step to increasing Gmail security. Experts recommend a password that has a combination of letters, numbers and symbols.
It’s also advisable not to use the same password for all your internet accounts. If you do, someone can figure out your login information for a less secure website and easily gain entrance into your Gmail account. For generating a unique, strong password and keeping it secure, into using a password manager, like LastPass.
You should also secure your recovery protocols by making sure any account recovery information is sent to devices to which only you have access.
After setting a strong password, two-step verification is a simple measure you can take to bolster your Gmail security. With two-step verification, Google sends a code to your mobile device after you enter your password. You must then enter the code into the browser to complete the login process.
To set up two-step verification, open your Google My Account page underneath your photo in the top right of your Gmail inbox. Enter the Sign in & security section. Under Password & sign-in method you’ll see the option to turn on two-step verification. Follow Gmail’s prompts to set up the details, and you’ll be on your way to increased security.
Update Your Browser
While it’s plenty easy to ignore your computer’s notification that it’s time for a browser update, this is not the greatest idea for your cybersecurity. Browser updates include the latest security updates — so staying up-to-date with your browser will increase the overall safety of your Gmail data.
Report Suspicious Emails
Be wary of emails from any contacts requesting your personal information, as they can actually be phishing attacks designed to steal data and credit card information. If you receive any suspicious emails, you can easily report phishing to Gmail.
To do this, open the message of note in your Gmail account. Next to reply, click the down arrow, and then select Report phishing.
Stop Unnecessary Access To Your Account
To maintain security, you should remove unnecessary access to your account — whether from out-of-use or unauthorized devices or from external applications.
To remove a device no longer in use or one you do not recognize, open My Account, go to the Sign-in & security section under devices and click Device activity & notifications. Head to the Recently used devices section, click Review devices, and click Remove.
It’s also a good idea to rescind any unnecessary access to your account by third-party apps. To review this type of access, open My Account, and click Apps with account access in the Sign in & security section. Then click Manage apps and remove access by any unwanted or unnecessary applications.
Monitor Account Activity
Check on any potential unapproved access to your Gmail account by looking at recent account activity.
To review account access, head into your inbox and scroll down to the bottom of the page to where it says Last account activity in tiny print. Click the tiny Details button to see when and from where your account has recently been accessed. If anything on the list is unauthorized, you can make sure to beef up security with tactics on this list, and report the activity to Google.
Consider Security Plug-Ins
You can also explore the world of third-party security plug-ins. For example, the plug-in Virtu can be used with Gmail to enable client-side encryption of data so it remains protected while not on Gmail servers. But before downloading, make sure any plug-in is trusted and well-reviewed by users.