For Android users, “sensitive accounts” seems like an understatement when you think about how many things are tied to this single sign-on: email, documents, photos, files, browsing history, contacts, text messages, location history, and more. If you use Google for work, personal use, or both, you need to do everything possible to protect and maintain complete control over all that information.
In that case, the password you hastily set 7 years ago is not enough. For something as important as personal information, the key is just the beginning of smart security settings. And it might even be time to upgrade.
Take 10 minutes to review the steps below and then relax with confidence that your Google account is as protected as possible.
Strengthen your front door
Step 1: Check your Google account password
We’ll start with something simple but very important: the aforementioned Google account password. Consider the following questions:
- Is your Google password based on your name, your spouse’s or child’s name, your birthday, your home address, or something else that someone can easily find by searching on Google?
- Does your Google password contain common words or easily guessable patterns?
- Is your Google password shorter than 8 characters?
- Do you use your Google password (or a variant of it) to log into other apps, websites, services, etc.?
If you have a question to which you answered ‘yes’, you need to reflect first. You must change your password immediately. It should be long, complex, and not contain easily discoverable personal information, common words, patterns, or things you use elsewhere.
Step 2: Add a layer of protection to your Google account
No matter how strong your Google account password is, there is still a chance that someone can break in. However, by enabling two-factor authentication on your account, you can significantly lower the risk of someone actually gaining access to your virtual assets.
Two-factor authentication presents an additional form of security beyond your password and ideally requires a physical object that you carry with you at all times. The simplest and most effective form may be a message or code generated by a smartphone. If you want to get really complicated, you could just press a button on a key you actually have on you (a special USB or Bluetooth-based dongle, or even one built into your smartphone). There are also codes sent via text message, but this method is not recommended as it is relatively easy to hack.
Whatever you choose, having a second layer in place will make it incredibly difficult for anyone to log into your Google account even if they get your password.
If you haven’t set it up yet, Google 2-step verification pageLet’s go and get started.
Step 3: Be prepared to prove your identity
If Google detects suspicious activity on your account, it may require you to verify your identity before logging in. If you haven’t checked your account authentication settings in a while (or at all), there’s a pretty good chance that they’re either older than necessary or gone.
Now, for one minute, Google’s account security siteLet’s open and look at ‘How to verify your identity’. There are two options.
- recovery phone number
- recovery email
If the value next to an option is out of date or incorrect, click it immediately to update it.
And now you’re ready to take your Google account protection to the next level.
crack down on connections
Step 4: Review third-party services accessing your account
When you set up an app that connects with Google in some way on your smartphone, computer, or Google service such as Gmail or Docs, that app is granted a certain level of access to your Google account data.
Depending on the situation, you can check activity within a specific Google service, check everything in Gmail, Google Calendar, Google Drive, etc., or check everything in your entire Google account.
Because too often we click boxes without thinking carefully, let’s take a look at exactly which apps have access to what kind of information. google’s Review third-party app access Visit the page to see a list of connected services. If you see something you no longer use or don’t recognize, click on the line and then click the button to remove it.
There’s nothing wrong with allowing apps you trust to access your account, but it’s a good idea to check the list periodically and keep it as up-to-date and concise as possible.
Step 5: Review the devices accessing your account
Aside from apps, you’ve probably logged into your Google account using a variety of physical devices over the past few months (or even before). And once you log in at that system level, your device will remain connected to and accessible to your account for any period of time.
google’s Device activity pageYou can break this cycle and regain control by going to . If you have a device you no longer use or don’t know about, click the three-dot menu icon inside the box and log out of your account immediately.
Step 6: Check the app permissions on your smartphone
Another important app-related consideration: If you’re using Android, system-level permissions, such as those tied to Contacts and Calendar, can effectively control access to areas of your Google account data. This is because services such as Google Contacts and Google Calendar synchronize their data between your smartphone and the cloud.
Go to the Privacy section of your phone’s system settings and look for ‘Permission Management’ (or something similar; exact wording may vary depending on Android version and device manufacturer). From there, you can look at each permission type and see which apps are granted access. And with just a few taps, you can revoke permissions for apps that you feel don’t need access.
Source: www.itworld.co.kr
