How to keep your account from getting hacked
open allWhat for: So that attackers cannot crack it.
A Google account lets you synchronize music, photos, contacts, and other data across devices. However, if it is hacked, criminals will gain access to all of that data. Another danger is that if someone has access to your Google account, they can remotely lock out any connected devices and erase all data from them.
Make sure that your account is protected by a strong password that complies with the following requirements:
- Is at least 8 characters long;
- Contains lowercase and uppercase letters, numbers, and special characters ($, @, etc.);
- Is not an actual word or easy-to-guess phrase;
- Is not the same as your passwords for any other accounts;
- Does not consist of information that strangers could easily find out (your name, date of birth, pet's name, and so forth — or those of your friends or relatives).
To change the password:
- Go to the Manage my Google Account page: https://myaccount.google.com;
- In the menu on the left, select Personal info;
- Click Password;
- Enter the current password for your Google account.
- If you have activated identity verification using a trusted device or two-step verification, you’ll have to pass the verification step instead of entering a password;
- Enter a new strong password twice and click Change password.
What for: So you definitely don’t get hacked.
You can increase the security of your Google account by enabling two-step verification. Every time you try to log in from a new device, the system will ask for a one-time code. A notification will be sent to gadgets already logged in to the account. Thus, even if someone tries to hack your account, you will still be able to prevent them from logging in.
You can verify a login:
- Using a smartphone. When you try to log in to an account from an unknown device, a message will appear on the phone with your Google account asking you to verify the login. This is the default method for owners of Android smartphones. You’ll find a list of devices that have attempted to log in but are awaiting verification on the Settings page;
- Using a one-time code received by text or a phone call;
- Using a security key, which is a specialized device with a built-in encryption key that connects to a computer for login verification.
To enable two-step verification using a trusted device:
- Go to the Manage my Google Account page: https://myaccount.google.com;
- Select Security in the menu on the left.
- Click 2-Step Verification;
- Click Get started.
- Enter your Google account password and click Next;
- Check if your device can get prompts from Google and click Continue;
- If you can’t find your device in the list, click Don’t see your device? link and follow instructions;
- Google will suggest selecting a backup authentication method for in case your trusted device is unavailable. To choose to receive the code in a text or a phone call:
- Enter the phone number you want to use to receive the codes;
- Choose how you want to receive the code (Text message or Phone Call) and click Send;
- Enter the code you receive and click Next;
- To select backup codes as an additional verification method:
- Click Use a different method;
- Print out or download the backup codes;
- Click Next.
- Click Turn on.
If you do not want to use a trusted device, choose another method of receiving the code — by text or a phone call. You can do that in the Security section:
- Click 2-Step Verification;
- Click Get started.
- Enter your Google account password and click Next;
- Click Show more options;
- Select Text message or voice call;
- Enter the phone number you want to use to receive the codes;
- Choose how you want to receive the code (Text message or Phone Call) and click Next;
- Enter the received code and click Next;
- Click Turn on.
You can enable two-step verification using a security key in the same section:
- Click 2-Step Verification;
- Click Get started.
- Enter your Google account password and click Next;
- Click Show more options;
- Select Security Key;
- Prepare the security key dongle and click Next;
- Connect the security key dongle to your computer. When it appears in the list of devices on your screen, click Next;
- Click Turn on.
After you have enabled two-step verification, you can add several more login methods:
- Using backup codes that work even if your phone is not available.
- With the Google Authenticator app.
Use a trusted device, an incoming phone call, a special app, a security key, or backup codes for secure additional verification; an attacker can use malware or a communication protocol vulnerability to intercept a text message with a one-time code.
How to prevent your personal data from being exposed
open allWhat for: So that strangers do not know too much about you.
Certain data — including your date of birth, gender, and phone number — from your account is visible to other users by default. To prevent strangers from viewing this information, deny access to it:
- Go to the Manage my Google Account page: https://myaccount.google.com;
- Select People & sharing in the menu on the left;
- Click About me in the Choose what others see section;
- Select the fields containing information that you want to deny access to, and specify that only you can see it.
You may not limit access to certain data, such as photos and names.
What for: To keep strangers from learning where you are.
Certain Google services can show your location to other users. By default, the feature is disabled. However, you can activate it by, for example, sending your current location to one of your contacts. We recommend reviewing who is allowed to access your location data and denying strangers access to it:
- Go to the Manage my Google Account page: https://myaccount.google.com;
- Select People & sharing in the menu on the left;
- Click Manage location sharing in the Location sharing section;
- In the What others can see section, remove any users who have access to your location data. To do that, click the cross to the left of their name or pseudonym.