How to keep your account from getting hacked
open allWhat for: So that attackers cannot crack it.
A Google account lets you synchronize music, photos, contacts, and other data across devices. However, if it is hacked, criminals will gain access to all of that data. Another danger is that if someone has access to your Google account, they can remotely lock out any connected devices and erase all data from them.
Make sure that your account is protected by a strong password that complies with the following requirements:
- Is at least 8 characters long;
- Contains lowercase and uppercase letters, numbers, and special characters ($, @, etc.);
- Is not an actual word or easy-to-guess phrase;
- Is not the same as your passwords for any other accounts;
- Does not consist of information that strangers could easily find out (your name, date of birth, pet's name, and so forth — or those of your friends or relatives).
To change the password:
- Tap your profile picture in the upper right corner of the app main screen;
- Tap Manage your Google account;
- Scroll to the right until you get to the Security tab;
- Select Password;
- Enter your current password and tap Next;
- Enter a new strong password twice and tap Change password.
What for: So you definitely don’t get hacked.
You can increase the security of your Google account by enabling two-step verification. Every time you try to log in from a new device, the system will ask for a one-time code. A notification will be sent to all gadgets that are already logged in to that account. Thus, even if someone tries to hack your account, you will still be able to prevent them from logging in.
You can verify a login:
- Using a trusted device. When you try to log in to an account from an unknown device, a message will appear on the phone with your Google account asking you to verify the login. You’ll find a list of devices that have attempted to log in but are awaiting verification on the Settings page;
- Using a one-time code received by text or a phone call.
- Using your phone's built-in security key. Please note that embedded electronic keys are supported only by devices with iOS 10 or later. For them to work, the phone must be located next to your PC, and Bluetooth must be enabled on both devices.
To enable two-step verification using a trusted device:
- Tap your profile picture in the upper right corner of the app main screen;
- Select Manage your Google account;
- Scroll to the right until you get to the Security tab;
- Tap 2-Step Verification;
- Tap Get started;
- Enter your Google account password and tap Next;
- Check if your device can get prompts from Google and tap Continue;
- If you can’t find your device in the list, tap Don’t see your device? link and follow instructions;
- Google will suggest selecting a backup authentication method for in case your trusted device is unavailable. To choose to receive the code in a text or a phone call:
- Enter the phone number you want to use to receive the codes;
- Choose how you want to receive the code (Text message or Phone Call) and tap Submit;
- Enter the code that you received by text or voice message and tap Next;
- To select backup codes as an additional verification method:
- Tap Use a different method.
- Print out or download the backup codes.
- Tap Next;
- Tap Turn on.
If you do not want to use a trusted device, choose another method of receiving the code — by text or a phone call:
- Tap your profile picture in the upper right corner of the app main screen;
- In the Manage your Google account menu go to Sign in & security;
- Tap 2-Step Verification;
- Tap Get started;
- Enter your Google account password and tap Next;
- Tap Show more options;
- Enter the phone number that you want to use to receive SMS messages or phone calls with codes;
- Choose how you want to receive the code (Text message or voice call) and tap Next;
- Enter the code that you received by text or voice message and tap Next;
- Tap Turn on.
To enable two-step verification using a security key, in the same section:
- Tap 2-Step Verification;
- Tap Get started;
- Enter your Google account password and tap Next;
- Tap Show more options;
- Go to the Security key section with the name of your device and follow the instructions;
- Tap Done.
After you have enabled two-step verification, you can add several more login methods:
- Using backup codes that work even if your phone is not available.
- With the Google Authenticator app
Use a trusted device, an incoming phone call, a special app, a security key, or backup codes for secure additional verification; an attacker can use malware or a communication protocol vulnerability to intercept a text message with a one-time code.
What for: To prevent hackers from changing your account password.
The identity verification feature protects your account from being hacked. For example, if a hacker wants to take over your account, they can try to reset your password and create a new one. But before, you must complete a verification step of your choice:
- Text message sent to your phone number;
- E-mail sent to your backup e-mail address.
- Tap your profile picture in the upper right corner of the app main screen;
- Select Manage your Google account;
- Scroll to the right until you get to the Security tab;
- Here you can specify:
- The phone number where you can be reached;
- A backup e-mail address.
How to keep corporations out of your business
open allWhat for: To prevent your movements from being stored on Google servers.
Google may save a list of all the locations where you have been. This location log is used to choose targeted ads, perform searches, and some other functions. For example, this option lets you automatically receive information about traffic jams between your home and workplace. If you do not want your travel information to be saved on Google servers, you can clear this log and stop adding to it:
- Tap your profile picture in the upper right corner of the app main screen;
- Select Manage your Google account;
- Scroll to the right until you get to the Data & privacy tab;
- Tap Timeline;
- Tap Manage location history;
- Turn off Location history option.
To delete your location history, perform the following steps in the Timeline menu:
- Tap the trash can icon at the bottom of the map;
- Tick I understand and want to delete all Location History and press Delete location history.
You can also enable automatic deletion of data every 3, 18 or 36 months in the same section:
- Tap the gear icon at the bottom of the map;
- Select Automatically delete Location History;
- Tick Auto-delete activity older than, and select among 3, 18, or 36 months, then tap the Next button;
Downside: Google will not be able to use information about your locations for purposes of ad and search personalization. The system will also not be able to create albums containing photos based on a specific location.
What for: To keep Google from knowing which apps you use and which sites you visit.
By default Google collects information about your search queries, location, and app activities. This data is used to increase the accuracy of recommendations and personalization of Google services.
If you would prefer not to share this information, you can disable access to it:
Tap your profile picture in the upper right corner of the app main screen;
- Select Manage your Google account;
- Scroll to the right until you get to the Data & pivacy tab;
- Tap My Activity;
- Select Web & App activity;
- Turn off Web & App Activity option.
To completely delete your app activity log and your search history, perform the following steps in the Web & App Activity section.
- Tap Manage Activity;
- Tap the three-dot icon to the right of the search bar and select Delete activity by;
- Select All time;
- Scroll down the page and tap Delete.
- Tap OK.
To delete particular activities from your history or to wipe data for a particular period of time, select the activity record that you want to delete and tap the cross to the right.
To enable automatic deletion of data every 3, 18, or 36 months, perform the following steps in the Manage history section:
- Tap the Auto-delete button;
- Tick Auto-delete activity older than and select among 3, 18, or 36 months, then tap the Next button;
- Tap Confirm.
What for: So that Google does not know who you frequently talk to.
Google can save data about the contacts on the devices that you use to log in to your Google account. Such data includes not only phone numbers and e-mail addresses, but also information about how often you communicate with a particular person. Syncing data across devices is convenient, but the information can also be used to target advertising, and it can be shared with third parties such as Google affiliates. If you prefer not to share this information, prevent the data from being saved:
- Tap your profile picture in the upper right corner of the app main screen;
- Select Manage your Google account;
- Scroll to the right until you get to the People & sharing tab;
- Tap Contact info saved from interactions in the Contacts section;
- Turn off Save contact info when you interact with people.
Remember that other Google services and apps, such as the Contacts app, can save data about your contacts.
What for: So that Google does not know which videos you have watched.
Your account holds your YouTube search and watch history. This information can be used to target advertising, and it can be shared with third parties, such as Google affiliates. If you prefer not to share this information, prevent the data from being saved:
- Tap your profile picture in the upper right corner of the app main screen;
- Select Manage your Google account;
- Scroll to the right until you get to the Data & privacy tab;
- Tap My Activity;
- Select YouTube History;
- Turn off the YouTube History;
To completely delete your YouTube search and watch history, perform the following actions in the YouTube History section:
- Tap Manage Activity;
- Tap the three dots to the right of the search box;
- Select Delete activity by;
- Tap All time or select the desired period;
- Tap Delete.
To enable automatic deletion of data every 3, 18, or 36 months, perform the following steps on the YouTube History page:
- Tap the Auto-delete button;
- Tick Auto-delete activity older than, and select among 3, 18, or 36 months, then tap the Next button;
- Tap Confirm.
What for: To stop the developers of third-party apps from collecting information about you.
Certain sites and apps may request access to your account data, such as your date of birth, gender, and phone number. Developers use this information to show you targeted ads and to collect statistics about their audience. If you would prefer not to share this information, limit access to it:
- Tap your profile picture in the upper right corner of the app main screen;
- Select Manage your Google account;
- Scroll to the right until you get to the Security tab;
- Tap Manage third-party access in the Third-party apps with account access section;
- Select the apps you want to prevent from viewing your information, tap Remove access, and then OK.
How to prevent your personal data from being exposed
open allWhat for: So that strangers do not know too much about you.
Certain data — including your date of birth, gender, and phone number — from your account is visible to other users by default. To prevent strangers from viewing this information, deny access to it:
- Tap your profile picture in the upper right corner of the app main screen;
- Select Manage your Google account;
- Scroll to the right until you get to the People & sharing tab;
- Tap About me in the Choose what others see section;
- Select the fields containing information that you want to deny access to, and specify that only you can see it.
You may not limit access to certain data, such as photos and names.
What for: So that strangers cannot see your name and photos in ads.
Google can add user ratings and reviews on an advertised product or service to their ads (such as in paid search engine results). The profile photo and the name of the user who wrote the review or added the rating are published as well. If you do not want strangers to see your personal data in ads, disable this feature:
- Tap your profile picture in the upper right corner of the app main screen;
- Select Manage your Google account;
- Scroll to the right until you get to the People & sharing tab;
- Tap Manage shared endorsements in the Shared recommendations in ads section;
- Untick Based upon my activity, Google may show my profile name, profile photo, and activity in shared endorsements in ads, which is located at the bottom of the page.
Downside: If you disable the sharing of your recommendations, you will not see other people’s ratings and reviews in ads.
How to clean up your traces
open allWhat for: To maintain control over your data even if you decide to quit using your Google Account
If you stop using your account or lose access to it, all of your data will still remain on the company’s servers. That means the videos you uploaded on YouTube will still be available, Google Photos will continue to store your photos, and so on. You can configure the system so that your Google account will be deactivated and all of your data will be deleted after a certain period of time.
- Tap your profile picture in the upper right corner of the app main screen;
- Select Manage your Google account;
- Scroll to the right until you get to the Data & privacy tab;
- Scroll down to Make a plan for your account;
- Tap Start;
- In the Decide when Google should consider your Google Account inactive section tap the Edit button and select the inactivity period after which your account should be deactivated. Google will send you a notification when the conditions are satisfied and your account will soon be deactivated;
- Check the phone number, your main and backup e-mail addresses that Google will use to send messages about your inactivity. You should have access to all of them so that you do not miss the notification;
- Tap Next;
- Tap Add person and enter the phone number and e-mail address of the person who will receive a notification that your account has become inactive. If you want, indicate whether this person should be allowed to download an archive with your data, and what information it should contain;
- Tap Next;
- If you want, activate the toggle next to Yes, delete my inactive Google account;
- Tap Confirm your plan, tick Receive email reminders that Inactive Account Manager is turned on and tap Review plan.
Remember that along with your Google account all data from connected services, such as YouTube, Google Photos, and others, will also be deleted.