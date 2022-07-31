



A lot of people use Gmail for disposable, one-off spam avoidance purposes, but according to the latest figures I found, there are about 1.8 billion active Gmail users. At a glance, there are an estimated 4.25 billion email users across all platforms and applications, of which Gmail accounts for about 20%.

So it’s not too surprising that Gmail is also a popular target for malicious actors. Unlike business email, her personal Gmail account tends to be used for years. This creates a treasure trove of valuable data that hackers can use to launch ongoing attacks. Business email accounts tend to be more secure than personal accounts by default. And then there’s the not-so-minor problem of password reset requests that are usually sent to your email by default. So you don’t need to be a cybersecurity genius to calculate the impact of a compromised Gmail account. To access Gmail, an attacker would have to compromise her Google account. Here’s how to stop them:

But it’s not all bad news. Securing your Google account, or even your Gmail account, is very easy, or at least anything that can be protected. All you have to do is take Gmail security seriously. Here’s how.

Most of the time, Google account security boils down to two things: login credentials and two-factor authentication.

1. Make sure you are using a unique and strong password. As we always say at this point, a password manager is on your side whether you’re creating that password or needing to use it.

2. Make sure two-factor authentication is enabled on your Google account. Google has been ramping up its “Enable by Default” program since late last year, so you may already be asked to do this.

Google offers multiple secondary authentication options. The most convenient is a Google prompt to a different device than the one you’re signed in with. So if you are using a laptop it will be sent to your mobile phone and vice versa. Add an authenticator app. Google Authenticator is the default, but you can use something like Authy as a backup. Speaking of which, write down your backup code in case something goes wrong elsewhere. These can be stored in a password manager, for example.

Enabling two-step verification on your Google account is super easy for your Gmail security

Davey Winder, Google

The most secure form of secondary verification is with a security key, and Google also offers this option. Google sells its own brand, but you can also use the YubiKey. Use of such a key is mandatory when enrolling in the Advanced Protection Program, which is recommended for high-value accounts such as journalists and activists.

So they are given. However, there are many other layers that can be added to Gmail’s security cake. The first covers what we have already said, but goes further, but takes only a few minutes of your day. About Google Account Security Checkup. Doing so will pop up recommended security actions based on your existing settings, show you which device logged into your account from where and when, detail the apps that allowed access to your account, and give you access to your account. You will be provided with the opportunity to revoke unentitled apps. Highlight any “sensitive” Gmail settings you’re using that you don’t use or don’t know about.

Have Google check your security settings

Davey Winder, Google

Google recommends safe options

Davey Winder, Google

This is truly a one-stop security checklist shop and I highly recommend taking the time to do so. The part that shows you what device you’re logged in to your account helps raise a red flag for security and privacy in your Gmail account. The latter is not as useful as the former as it can be easily faked.

Knowing which device, when and where logged into your account can help you detect fraud.

Davey Winder thinks outside the box to improve Google security

It would be helpful if you could think outside the box of Google for a moment. This means making sure your operating system is fully up-to-date with the latest security updates. The same goes for your web browser of choice and any third-party apps you use in conjunction with Gmail. We also recommend that you regularly audit your browser extensions and apps and remove those you no longer use.

