Email is the most invaluable asset of anyone’s identity on the web. You use email everyday and have all the important information stored in your inbox. All your social networking accounts, website registrations, Paypal accounts etc are connected and controlled by your email and thus it makes sense to completely secure your Gmail account and prevent unauthorised access. Choosing a strong password is not enough, you should be well aware how people try to gain access to other people’s email accounts by unfair means. Here are some useful tips on securing your Gmail account and avoid getting hacked:
1. Always Check The URL before Logging in to Gmail
Whenever you log in to your Gmail account, always check the URL from the browser address bar. This is because there are plenty of dirty minds who create an exact replica of the Gmail login page. The worst part – they install some scripts or malicious codes behind the fake login page and host the page in their web server.When you login to Gmail from a fake login page, your username as well as password is sent to another email address or to a FTP location. Hence, always check that you are logging in to Gmail by typing http://www.gmail.com and not from any other URL.
2. Avoid checking Emails at Public Places
A Keylogger is a computer program which can be used to record what you are typing in the keyboard. The Keylogger records your keystrokes, saves them in a simple text file and sends it to an email address or to an FTP server. And you are completely unaware of the whole process, running in the background.
You never know which programs are installed in a public computer. Consider a simple scenario: You went to a local internet cafe to check emails from your Gmail account. The cafe staff has installed a Keylogger in every computer and when you type the username and password, the Keylogger script comes into action, records both your username and password and sends it to another email address. You leave the cafe after checking emails and the cafe staff retrieves your username and password and hacks your account. Hence, never check emails at a local cafe or at public places or in any computer where you don’t have control.
3. Forward Emails to A Secondary Email account
Should you need to check emails from a public computer or from a local internet cafe and you fear that the computer might have installed some keylogger programs? Here is a nice workaround.
- Create another Gmail account and choose a different password for this account. This means that the password of your new Gmail account should not match with the password of your main Gmail account.
- Log in to your main Gmail account, click “Settings” and go to the “Forwarding and POP/IMAP” tab.
- Select the option to forward all incoming mails to your newly created Gmail account. Any email received in your primary email account will be forwarded to this secondary email address automatically.
Whenever you want to check emails from a public computer, use this secondary email account. Anybody trying to hack your email account using a keylogger or a malicious program can hack this secondary email account but not your primary one. Obviously, do not leave any important emails or password/username in this temporary email account – keep deleting emails at regular intervals. Yes, this may sound ridiculous but it’s better to be on the safe side. VERY IMPORTANT: Do not use or associate this secondary email account as a password recovery option of your primary email account. Use this email account just for checking emails at a public computer, that’s it.
4. Regularly Monitor Gmail Account Activity
You can monitor the IP addresses of the computers used to log in to your Gmail account. To find the IP addresses, log in to Gmail, scroll down and click account activity details link as shown below:
This will show you a list of the last IP addresses used to log in to your Gmail account. You will notice the country and state name alongside date and time of your last Gmail activity. Should you find another unknown IP address or the name of a place, there are high chances that somebody else is logging in to your Gmail account from elsewhere. To solve this issue, click the “Sign out of all other sessions” button and Gmail will automatically delete all the active sessions of your account. Next, immediately change the password from your Google accounts settings page.
5. Check for Bad Filters
Gmail filters can be used to set rules in your Gmail account – you can automatically forward specific emails to another email account, delete it, archive it and do various other tasks. Sadly, filters can be a big threat to your Gmail account security. Consider a situation – you checked emails from your college computer, forgot to log out and left the classroom. One of your friends found that you have forgotten to log out and he applied a filter in your Gmail account. This filter automatically forwards all of your emails at his email address. Now he has access to all your emails and he may reset your account password, if he wants. Hence you should always check for unknown filters from Gmail Settings -> Filters. Delete any filter which you didn’t created or which appears suspicious.
6. Do not Click on Suspicious Links
There are some websites which let’s anyone send fake emails to any email address. And the worst part is that the sender can customize the “From” address to anything – firstname.lastname@example.org or email@example.com. Consider a scenario: Mr X uses some website and sends an email to you asking you to change your Gmail password due to security reasons. You see the from address field as something like “firstname.lastname@example.org” and think that it’s from Gmail. No, it’s not. When you receive any emails which asks you to change your account password or enter login credentials, STOP. Do not ever click on any suspicious links from your inbox. Note: Gmail will never ask you to change your password or enter login credentials without any reason. Hence, if you receive any email which claims to be from Google and wants you to change your password, be rest assured someone is trying to fool you and hack your email account.
7. Choose a Strong Alphanumeric password
Most users choose very generic passwords which can be easily guessed. You should always choose a very strong password which is difficult to guess. Always remember the following tips regarding choosing passwords:
- Choose both numbers and alphabets in your password. It would be even better if you include symbols and special characters.
- Never use your phone number, parents name or credit card number as your email account password.
- Choose a long password – probably more than 10 characters.
- Never write your password on paper or save it as a text document in your computer.
Anyone trying to hack your email account will have a difficult time guessing the password and the more complicated your password, the more secure and better it is. You should also connect your mobile number with your Gmail account. This is required in case your forget the password and can’t login to Gmail.