Pricing Log in Get started
New! Introducing Gmelius for Android Learn more

Gmail Security: 7 Steps to Protect Your Gmail Account

Strengthen the security of your Gmail account via some actionable and non-technical steps.

The purpose of this article is to help you strengthen the security of your Gmail account. We’ll show you some actionable and non-technical steps you can take to ensure that your Gmail account remains safe and private.

Do you know that half of US adults get hacked every year? Imagine what it would be like if your Gmail account also got hacked. Not a pleasant thought…

Follow these 7 steps to ensure that your Gmail account is no longer at risk of being compromised.

STEP 1: Activate 2-Step Verification

Google’s concern over account theft issues has resulted in the introduction of a security feature known as 2-Step Verification. 2-Step Verification provides an extra layer of security. Every time you wish to access your account, a code will be sent to your phone; thus making it impossible for another party to guess your password. We believe every Gmail accounts should have this activated. To do so, click here and follow the on-screen instructions.

Setup 2 step verification as a first step tooward Gmail security

Note that you’ll need a mobile phone to activite this feature. Should you lose your phone, you can create printable backup codes and a backup phone number as alternatives for accessing your account. You can also create an application-specific password for applications that don’t request a verification code.

It might sound annoying and probably will be the first few times but it’s certainly better than having your Gmail account hacked.

STEP 2: Detect and Block Email Trackers

You may not be aware that many people and companies track emails they send, without your consent. With this information, they know exactly when, where, and how many times you’ve read their message. Pretty crazy, don’t you think? This is a major privacy issue and in our opinion should not be the price you pay for using Gmail.

But fortunately you can protect your email privacy by using Gmelius.

Gmelius offers a feature that lets you detect and block email trackers within your Gmail account. Learn more here.

Gmelius blocks trackers

STEP 3: Update Your Gmail Security Credentials

How many years ago did you create your Gmail account? If it was a few years ago, your recovery details such as your backup phone number may have changed. It’s vital that you monitor your security details and update your security questions, recovery options, and password and ensure that you have a strong password! So, the first thing you’d want to do is go to the sign-in and security checkup page and update your password.

Remember, a secure password:

  • Contains capital letters, numbers, and punctuation signs
  • Is a minimum of eight characters long
  • Does not contain a complete word
  • Does not contain your real name, your username, or your company name
  • Is completely different from previous passwords you’ve used

Sometimes, trying to remember a strong password can be difficult but there are ways and means of recalling good passwords. Check out this interesting article about passwords on ways of remembering your password.

How often should Gmail passwords be changed?

Logically, we know that our passwords should be changed from time to time, but there’s no ideal answer on how often this should be. This IT security expert’s opinion on password summarizes things well:

You don’t need to regularly change the password to your computer or online financial accounts (including the accounts at retail sites); definitely not for low-security accounts. You should change your corporate login password occasionally, and you need to take a good hard look at your friends, relatives, and paparazzi before deciding how often to change your Facebook password. But if you break up with someone you’ve shared a computer with, change them all.

STEP 4: Revoke Access to 3rd Party Apps

You may have signed up to a certain website using your Google credentials or installed third-party extensions. Some of these may be compromising your account and you need to revoke access to the ones you no longer use or trust.

Head to Google’s account permissions page to revoke access to anything you don’t want to keep.

Revoke apps to remove

STEP 5: Check for Suspicious Activity

If Google notices suspicious activity in your account they’ll send you a notification. It may be that there are sign-ins from an unfamiliar location or an unfamiliar device. Ideally you should also manually review your account at least once a month to make sure that no suspicious activity has taken place.

To review your account, click on the link ‘Details’ located on the right hand side of the footer of your mailbox.

Footer Gmail inbox

You’ll see a list of sign-ins and alerts that have been blocked, including sign-ins from new devices.

recent gmail activity

Should you notice unusual activity, try to recall why this activity seems unfamiliar, yet it’s still yours. If you can’t recall the activity and you’re unsure as to why it exists, your best action is to change your password immediately.

STEP 6: Check Account Filters for Forwarding Emails

It’s important that you to ensure that there are no active filters in your account which may be forwarding your email to a third-party email address. This check is simple: Go to your Settings’ page and click on the Filters tab. Look for filters you haven’t authorized and delete them.

Check for filters

In addition, check the Forwarding and POP/IMAP tab to ensure there’s no unauthorized forwarding address other than those approved by you.

STEP 7: Authenticate Your Emails When Sending Sensitive Information

On receiving an email, you may notice that next to the sender’s email address there’s a small red padlock. This indicates that the message is potentially unsafe.

Gmail red padlock

This red unlocked icon comes with emails that have not been authenticated by Transport Layer Security (TLS) encryption. Don’t worry too much if you don’t understand how the technology works. You only need to be concerned if you see this icon and the message has something to do with passwords or other sensitive information. At this point you need to contact the sender of these insecure emails if want to continue exchanging messages with this person.

In Conclusion

By taking the above simple steps you can be assured that your Gmail account is secured to the best of your ability. But always be on the lookout for notifications from Gmail advising that you need to add additional security in order to stay on top of any new potential vulnerabilities.

Florian Bersier
Florian Bersier CEO & Founder
Share this article