How to keep your Gmail and Google Account secure

Too many people send me spam emails. Stop getting hacked, especially when Gmail provides enhanced security to keep you safe (and most of us are on Gmail). Check out Google’s Gmail Security Checklist, and work through each of the tabs. Pay particular attention to the security of your Google/Gmail account:

  • Make sure you use a secure password (a combination of letters, numbers, and symbols that’s hard to guess and never found in a dictionary)
  • Have account recovery options (helps get back in control if someone takes over your account)
  • Turn on 2-step verification (adds a second, one-time use password, to your Google Account, which makes accessing it without your code very difficult. Codes are easy to get from a smartphone app, and you can designate devices you use often as “trusted” to skip the code at every login. One additional challenge is using “application specific passwords” for 3rd party apps that access your Google Account, but it’s worth it for the security.)

If you do get hacked, go to the “Compromised Gmail Account” page in the help center. If you can’t access your account (even with the password reset and account recovery options), you’ll be prompted to fill out the account recovery form. Be sure to enter accurate information into this form, which is processed by humans, because it’s the only way to get back into your account. This usually takes a few days.

If you can access your account, you’ll be prompted to login, change your password, use the security checklist linked above, and check Gmail settings. In your Gmail Account settings (click on the gear in the top right corner, then choose settings) check each settings tab for spam or other bad stuff:

  • General: Check signature and vacation settings
  • Accounts and Import: Check send mail as, reply-to, and grant access to your account settings
  • Filters: Check that filters aren’t forwarding mail, moving it to trash/spam, or any other undesirable actions
  • Forwarding and POP/IMAP: Check that mail isn’t set to forward to an unknown address (if you’re using the Gmail web app to check email, which you should, and an iPhone with the right settings, IMAP and POP should be disabled).