TechAdvisory.org

Technology Advice for Small Businesses

Increasing Google account security

GppgleApps_Sep29_AOne truth about computing is that despite the various efforts you may make, there is always a chance that your data or account information will be leaked. It is because of this that many companies like Google have implemented stronger security controls. If you have a Google account, personal or business, there are a number of things you can do to keep your account and related information secure.

Don’t use your main account to sign up/as a login for other sites and accounts

When we hear of account breaches or instances where Google account information has been leaked, many people will turn and blame Google, thinking that it was Google’s systems that were breached. While this is a possibility, more often than not the breach occurred with another system where a Google account was used to either sign up, or as the main username.

When hackers get hold of this information they can then use it to launch subsequent malware or phishing attacks against the main Google account, in hopes of actually gaining access to it. Therefore, to prevent this from happening, you should be sure to limit what you use your main Google account to sign up for. Most websites requiring you to sign up for an account ask for an email address, so it is best to create a second dummy account that is only used for this purpose.

If you are asked to set the username as an email address, use this dummy email address and be sure to keep this account separate from your main account.

Don’t use your Google password for other sites

Alongside account information breaches, password breaches on other sites are also commonplace. If you have used the same password for a site that you use to access your Google account that is akin to giving hackers direct access to these accounts.

Use a unique password for every site you sign up for, but at the very least make sure your password for your Google account is unique from any other accounts.

Use 2-step verification

Most major websites offer enhanced login security these days, Google included. When enabled, you will need to enter a second code – usually sent to your mobile or generated by a PIN generator – in order to access your account.

The major benefit here is that anyone who tries to access your account will need to enter this PIN, and because the majority of hackers won’t have access to your mobile device, your account will be more secure.

You can enable 2-step verification by:

  1. Logging into your Google account.
  2. Going to the 2-step verficiation website (http://www.google.com/landing/2step/).
  3. Pressing Get Started at the bottom of the page.
  4. Selecting Start Setup on the next page.
  5. Logging into your account again.
  6. Following the instructions on the following pages.

In order for this to work, you will need a mobile device. You can either enter a phone number or choose to download the Google Authenticator app onto your mobile device. Regardless of which method you use, you will need to enter a cell number during the setup.

Audit your account security settings

If you are unsure as to how secure your account is, or the security options you have available, one of the first stops you make should be to Google’s account checkup page (http://g.co/accountcheckup). Here you will see a number of security options that are available to you which you can enact or modify.

Finally, take a look at your account login locations on a regular basis. This information can be found here: https://security.google.com/settings/security/activity and shows you where recent logins were made, what systems were used, and even the IP address. Should you see some irregular activity, or strange looking login locations, then it is advisable to change your password immediately.

If you are looking to learn more about the security of your accounts, and what you can do to ensure that hackers can’t gain access, contact us today.