Gmail is one of the most popular and yet most vulnerable email services. Backed by the largest search engine in the world and with over 1 billion email users and a corresponding amount of payment and confidential information, it attracts many scammers. It inspired us at Hideez to investigate the topic and provide tips on how to secure your Gmail account in 2020.
So, is there a way to protect yourself against all odds in a digital world?
There are a few steps you can take now to make your Google account safer and more secure. Gmail is used not only as a Login for Android, a popular operating system for activating and accessing the Play Store, but also as an access point to many different platforms like AdSense, YouTube, Analytics, AdWords, and more.
Scammers use techniques like social engineering or phishing to lead users into deception, and giants like Google are often targeted by massive attacks like the one on May 4, 2017.
Passwords are relatively easy to determine. People are not very creative when it comes to generating passwords; they commonly use their date of birth, address, phone number, social security, car's registration number, mother and father's name, etc. Some advice to use a long, random password that has a combination of lowercase and uppercase letters, numbers, and special symbols. However, the National Institute of Standards and Technology recommended dropping complex passwords and using multifactor authentication (MFA) instead. (You can read more about MFA in this blog post).
Two-factor authentication (2FA) is a recommended security method. 90% of Gmail users remain vulnerable to cyber-attacks, although two-factor authentication was introduced by the big G back in 2011, and only 10% of users realize the potential impact of being hacked. This security practice verifies your identity when you log into a website by requiring you to both know something and have something. The thing you need to know is a user name and a password or a PIN; the thing you need to have is a mobile phone, a USB device, or a wireless token like the Hideez Key 2.
The services that offer and recommend MFA are Apple (iCloud and other services), Google (Gmail and other services), Microsoft Office 365, Yahoo!, PayPal, Dropbox, Facebook, Twitter, Instagram, LinkedIn, SnapChat, Tumblr, etc. Yet, end-users ignore this recommendation as not convenient or unnecessary.
Of course, two-factor authentication can be annoying, especially when you have multiple accounts for different purposes, and all of them send you an SMS to prove your identity (which are proven to be not that safe of a method after all). As a more secure alternative to SMS, you can use the Hideez Key 2 password manager to store up to 1,000 passwords for different accounts and seamlessly prove your identity.
How do you set up 2FA for your Gmail account?
First, go to your Google account, then open your profile, select 'Manage Your Google Account', then click on 'Security'. Scroll down to 'Signing in to Google' to see the 2-step verification option and turn in to 'ON'. Choose the desirable 2FA and verify it.
Login Sessions Review
Open 'Security' tab of your Google Account and scroll down to the section 'Recent security events'. It gives you insight into a potentially suspicious activity like logins from locations you've never been to or applications you have never used. If you see anything like this, change your password immediately and add a second factor of authentication.
Check a 'Your Devices" section to delete any old or lost devices.
Freaky or Not So Freaky Attachments
Got an invitation to a party from a stranger? Or a check for $100,000? Unlikely it is a blessing, and if it has an attachment, it might be malware or ransomware that could breach in your account and steal your credentials, like, for example, Vega Stealer.
Random Security Questions
Do you always put your mom's maiden name as a security question to your bank account? Or your license plate number? Or your Dad's middle name? Are these things that hard to guess? The NIST recommends to replace security questions with MFA, but if the service you are using doesn't support this option, at least change them now and then, and using different ones for different services. If possible, select your own. (And you can record the question and answer on your Hideez Key 2 to avoid extra cognitive load).
Is Gmail Secure in 2019?
Yes, Google does an excellent job for their email and other services, but by following a few simple rules, you can make your account even more secure.
Stay alert and protect yourself. If you need a security solution for your business - schedule a free demo now: