How to Make Your Gmail Account More Secure

Like all of your Internet activity, it is important to take all available precautions to make sure your email account is secure as possible. Recent malware and phishing scams have affected some Gmail users, and while this is not indicative of security problems with Gmail itself, it is a reminder that Gmail users should check their settings to make sure their Gmail accounts are as secure as possible. Here are a few ways you can make your Gmail account more secure:

Enable 2-step verification. This security feature uses a phone and a second password on sign-in, adding a second layer of security by requiring you to have access to your phone in addition to your username and password. This Gmail feature prevents someone who has guessed or stolen your password from logging into your account without also having your phone. To set up 2-step verification, go to your account settings page and look for the “Using 2-step verification” link under Security, and then click the link to start the setup process. To use the 2-step verification using Gmail (or any other Google product), log in with your username and password. You will then be prompted to enter the verification code, which you will get from your phone. (Google notes that you will only have to do this once every 30 days if you choose.) Non-browser applications and devices that use your Google account will stop working soon after you turn on 2-step verification, and you will need to sign in using your username and a special password you generate for this app (but only once for each device).

enable 2-step verification for more secure gmail

Use a strong password. Creating a password that is long and includes special characters will help keep your Gmail account more secure. According to research by Thomas Baekda, the complexity of a password determines its security and ability to be compromised by hacking. If your password takes too long to try to hack, it is a secure password, and factors like network latency, bandwidth, and server speeds limit the number of requests a hacker can make on your password. To make a password that is complex but also hard for others to guess, Baekda suggests using a three-word phrase separated by a special character — such as a space — between the words. You should aim for something easy to remember and use less-than-common words, such as the example Baekdal provides: “fluffy is puffy.” This phrase would make a secure password as a hacker would need much more than a common word dictionary to crack this password, while you actually can still remember the password.

Additionally, only sign into to Google at a proper sign-in prompt like https://www.google.com. Google notes that it will never ask you to email your password to Google. Also, Google suggests checking your Gmail settings for suspicious forwarding addresses or delegated accounts to make sure your account has not been compromised.

Article Written by

  • Andrew Jamison

    Great points! I would also add to make sure the login page has HTTPS in the URL as the official GMail does, so if it is not on a secure HTTPS page your not on the official Google page

  • Jordan Vasquez

    Very helpful! Thanks

  • Anonymous

    As someone on Episode 128 of a video podcast after taking the audio version to Video I initially struggled to get the right mix  of words to convey the thought while still keeping an engaging video show.  I now put out both Audio and Video versions of the show and it seems I have two camps forming. some that like the video and some that like the audio. 

  • Anonymous

    As someone on Episode 128 of a video podcast after taking the audio version to Video I initially struggled to get the right mix  of words to convey the thought while still keeping an engaging video show.  I now put out both Audio and Video versions of the show and it seems I have two camps forming. some that like the video and some that like the audio.