If you have your doubts about the security of your business Gmail and other Google accounts, this blog on how to secure Gmail and more is your go-to!

Over four billion digital records were exposed in the first half of 2019 alone due to cybersecurity breaches.

Data breaches are far-reaching and more so when it involves an essential internet tool like Gmail sign-in credentials. For many people, signing up for something using Gmail is a near default nowadays.

Therefore, you can imagine the horror when a malicious actor takes control of a Gmail account that’s linked to so many other services.

Here’s a guide on how to secure Gmail detailing six things you can do to stay safe online.

1. You Need a Robust Password

A lot of cyber breaches occur not because malicious actors are as sophisticated, but because a user’s password habits are weak. Your Google account is no different.

Do you use a password for your Google account that you log in on other sites with? Is your password derived from a common term that one can easily guess? These are some of the poor password habits you need to break.

You should never use a password derived from your name, child’s name, or even your spouse’s. Passwords based around your identity are easy to crack.

At the very least, you need a password for your Google account that is eight characters or more. These characters have to be a mix of letters in both big and small caps, numbers, and symbols.

The more random the password, the better as a malicious actor will have a harder time cracking it.

Make it a firm resolution to never recycle passwords. Ever.

Once you create a robust Google account password, you can use a password manager to help you remember it.

2. Add Another Layer of Security

While rookie hackers can get turned away by more complex passwords, it doesn’t make you infallible. As a result, you should add an extra protective layer to your Google account using two-factor authentication (2FA).

How 2FA works is that once you enter your password, you will be prompted to input authorizing information Google sends to a physical item only ever in your presence.

Initially, this used to be a code sent to your cell phone that you then input after your password. However, once SIM swap fraud became prevalent, there was a need for an alternative 2FA approach.

A malicious actor could fraudulently change your SIM card, thereby gaining access to the code.

Nowadays, you can use dedicated key fobs, which are USB or Bluetooth enabled to assist you in authenticating.

If you still desire to use 2FA on your phone, it’s advisable to opt for push notifications. These are harder for malicious actors to access short of taking physical possession of your device.

3. Watch the Third-Party Access You Give

Another entry point that creates vulnerability is the third-party access permission you allow.

Allowing an app to interact with your Google account in whatever way gives it access to your information. The access level of each app varies, but the app can access some of your data.

Malicious actors love using such apps as Trojan horses to get to your information undetected and take hold of your account.

To clamp down on this, you should avoid wholesale granting of access permission to third-pay apps.

Check Google’s third-party access overview for all the apps that have permission to your Google account. If you notice an app you don’t use (or one that’s unfamiliar to you), ensure you revoke its access.

Such an assessment should become a regular thing to keep the list current.

4. Assess the Devices That Can Access Your Account

Being able to access your Google account from various devices is convenient. But you want this convenience to not come at the expense of your security.

The downside of accessing your account on different devices is once it has access, it stays signed in no matter when you last used the device.

Therefore, visiting Google’s device activity page is essential to identify all the devices that access your account.

As with apps, if you notice unfamiliar devices or those you no longer use, you should sign it out of your account to revoke access. Make it a habit to perform this check so that you can catch any suspicious activity at the onset.

5. Inspect the Extension Permissions on Your Browser

Any extensions you add to your Chrome browser adds more capabilities to it—and vulnerabilities too.

What many users don't know is that, until late 2018, extensions would request blanket permission to access to read and alter data on any site you visit. That meant complete access to what you do in your browser, even for the simplest of extensions.

Even though Google is implementing more nuanced extension permission nowadays, not all extensions comply.

It’s this loophole that potentially enables malicious actors to gain access to your Google account.

It’s up to you to limit the permission scope for all extensions. To do this, type chrome:extensions into the address bar and check the details for each extension’s permission.

6. Set up Recovery Options

Part of securing your Google account is creating an option to recover it in case of any breach.

When Google detects suspicious activity in your account, you may need to prove your identity for you to sign in again (more on that here https://setapp.com/how-to/google-account-recovery).

In case you get locked out of your account, you can use a recovery email or phone number to reset the password. However, that will only work if you design an address or phone number.

So, don't skip those frequent reminders to set up (or evaluate) recovery options.

It's wise though, to remember that hackers can use such email alerts when phishing. Never click on any link in a sign-in email alert.

If you're suspicious, go to Google.com, sign in into your account, and change your password.

Learn How to Secure Gmail and Other Google Accounts

The modern-day Google account counts for a lot more than merely Gmail. Many users now rely on their Google account to sign-up for various services. That makes these accounts highly targeted by hackers. Learn how to secure Gmail and other Google accounts to ensure your cyber safety.

Are you thirsty for technology tips and tricks? Check out more of our content to stay up-to-date on handy tech ideas.