How To Secure Your Google Account?

Nilmar Shereef
8 min read · Nov 21, 2020
Secure your Google Accounts With 2fa Techniques

We live in a time when having a Google account is all but unavoidable. Using Google account credentials, we log on to systems, smartphones and other gadgets that we use in our daily lives. Google synchronizes all of your data across all of your gadgets, so things such as email, personal data and files are accessible from wherever you are. When you own a Google account, Google provides not only the email service but also access to many other services such as Docs, Google Sheets, Drive and payment services, which are basic needs for an ordinary person nowadays.

Google has about 4 billion users (source: Statista) as per the latest news, which earns Google’s email service, Gmail, the title of the email service with the highest number of users across the world.

Regardless of whether you are signing up for a website, sending an email, taking online training or processing an online transaction, you’ll almost always need a valid email ID to complete these online activities.

306.4 billion emails are sent and received daily through Google accounts in 2020.

Is your Google account really secure? Google services are continuously protected by highly advanced security infrastructure and algorithms. These security methods identify threats, phishing and security violations by third parties at almost all levels, so the account is reasonably secure. However, Google will push notifications asking you to improve your security precautions to prevent fraudulent activity. It is therefore the duty of a Google account holder to follow these security suggestions and notifications to stay protected from vulnerabilities.

This article shares some points on how to secure a Gmail account with a few clicks.

Why does Google send such security notifications?

  • When Google detects important actions in your account, like signing in from a new device or IP,
  • Unusual emails received or sent,
  • Suspicious activity involving your account or account credentials,
    etc.

By default, Gmail provides fair security for data contents: mail data is strongly encrypted with the IS 128 bit encryption and transmitted through Transport Layer Security 1.1. So we can say that personal data is relatively safe, even though nothing is 100% secure.

Nothing is 100% Secure!

Nowadays, hackers and fraudsters have thousands of ways to get into your Gmail. They have plenty of tools in their pockets to make your life more difficult, such as phishing emails and malicious links.

Google security: 2 factor Authentication
Always be prepared with a plan B!

Basic Precautions For Every Google Account:

  • Always keep an eye on the recent login activity.

This matters a lot. Google keeps an activity log for every account, and it can be viewed at the bottom right of the Gmail account view.

Right Bottom Side of G-Mail

As shown here, there is no fraudulent activity on my account right now. But in case of any fraudulent activity, you might see a similar message that displays “Last account activity: 1 hour ago. Open in 1 other location”.

That means your account is open in one more location, so you should look into it. Click the “Details” button to see a list of the countries and IP addresses you have logged in from, along with the login details, as below.

Detailed View Of Activity Log

Before you increase the security of your Google account, you should set up the basic recovery methods for your account, which is itself part of the security enhancement. These precautions help make sure that you can recover your Google Account if you ever can’t sign in.

  • Add Recovery Email Account
  • Add Recovery mobile number (At least 1)
  • Add Recovery Questions

These points will help you once your account is in trouble for reasons such as lost account credentials, breaches etc. It is also important to be prepared to prove your identity in case of any abnormal situation.

To Add or change a recovery phone number

  1. Go to your Google Account.
  2. On the left navigation panel, click Personal info.
  3. In the Contact info section, click Add a recovery phone to help keep your account secure.

From here, you can:

  • Configure a recovery phone.
  • Change your recovery phone: Next to your number, select Edit
  • Delete your recovery phone: Next to your number, select Delete

Follow the steps on the screen.
To manage phone numbers: https://myaccount.google.com/phone

Google Security Matters!

Security Setups In Gmail:

This section shares some tips to improve the security of Google accounts and avoid unnecessary threats. Follow the steps below to help keep your Gmail account secure.

A — Go to the security checkup link for your Google account and click on the highlighted button “Get Started”.

Google Security Checkup : Notification Window
Popup Box For Security Checkup

B — In the following view, Google notifies you of the weak areas, which should be configured properly with a few clicks to ensure your security. You can also check that the remaining areas are configured correctly.

Google Security Checkup Window with notification

By expanding the flagged section (marked in yellow in the image above), you can check that the data provided is correctly configured. If not, it takes a few clicks to fix it. Note that for every configuration change, Google may ask for the account password for security.

In the image above, Google reports that issues were found in “Sign in & Recovery”. To improve security, I provided and confirmed the recovery email and phone number as below.

Google Account Security Checkup

What is 2 Factor Authentication?

What is 2fa?

Two-factor authentication, or simply ‘2FA’, is a way to establish access to an online account or device that requires the user to provide two different kinds of information.

Two Factor Authentication
Two Factor Authentication Concept

A factor in this context simply means a way to assure a device or online service that you are who you say you are, so that it can determine whether you have the right to access the data or services you are trying to reach.

Nowadays, the most common authentication method is the username/password pair, and because most accounts require only a password for access, most systems consequently use ‘one factor’ authentication for access security. With ‘two factor’ authentication, you have to provide the username and password pair plus proof of your identity in another way.

Two Factor Authentication Process

How to Enable 2 Factor Authentication In Google Accounts

If a cyber-crook gets into your Google account, they get access to your emails and other personal/confidential data. By enabling 2-factor security, you can keep your account safe from all of these crooks.

All Google account holders can enable 2-factor security on their account with some configuration. The concept of 2-factor authentication mainly relies on:

Factor 1: Something you know, like your Google account password
Factor 2: Something you have, like your mobile phone or previously generated keys

A cyber crook may steal or guess your password, but he can’t reproduce something only you have.

Google Two-Factor Verification methods:

You can go to the Google account security page to enable this and choose any of the ways to sign in with 2FA. Also note that configuring 2FA will help with account recovery.

The main methods are listed below:

1. Backup Codes: Google can give you a set of pseudo codes to help you log in. (Note that these are single-use codes.)
Backup Code Example

2. Google Prompt: When you try to log in, Google sends a prompt to your already trusted devices, such as your phone.

2fa Auth : Google Prompt to Trusted Device

3. Google Authenticator: A dynamic pseudo code (from the Google Authenticator app) has to be entered after your first-level authentication (username and password) to get into the application.

4. Text Me / Call Me: When you try to log in, Google will call or text your already configured phone number.

5. Security keys: A security key is another verification method and the most secure strategy for 2-factor authentication that allows you to sign in securely. These can be built into your phone, use Bluetooth or plug directly into your computer’s USB port. There are many other devices available on the market for this kind of secure sign-in.

Security Key Config Setup With Google

All of the above may be familiar to you except this last one, but ‘Security Keys’ are the more secure option if you work in data-sensitive industries such as finance or business.

Google Account:Security Keys
One example for “Security Key” for 2 factor authentication for your g-account

The FIDO U2F Security Key by Yubico is an affordable YubiKey (USB authentication key) that works with any service that supports FIDO U2F. To authenticate with a FIDO U2F Security Key, the user simply plugs it into the computer or device and touches the gold button. The security device is manufactured in the US and Sweden with best-practice security methodologies.

You can purchase such key devices from your trusted supplier. Here I am sharing a link to a nice article that gives a better overview of such security key devices.

Also, you should read through the instructions for 2-Factor Auth setup in Google: https://support.google.com/a/answer/9176657

As I mentioned earlier, the 2FA setup can also be used in the recovery process to retrieve your Google account.

Google Account: Account Recovery
Account Recovery: ‘Try Another Way’ pop ups iterating with configured backup methods

Conclusion:

Google accounts, or to be precise Gmail, is one of the most successful and widely used email services available worldwide, with a huge market share of 43% and a set of different applications like Drive, presentations, Docs, Maps etc.

Cyber attacks are common nowadays, and it is important to be prepared with maximum security for everything important to you. I believe this blog brings you awareness and information about the security measures from all perspectives.

Thanks & Regards
Nilmar Shereef

Nilmar Shereef

Sr. Software Engineer/ERP Implementer/Odoo Certified ERP Techno-Functionalist/Python Enthusiast/