This post is part of the 21 Google tips & tricks Series.
As we've seen throughout the series – Google has lots of information about you.
Your passwords are stored on Chrome, photos on Google plus, documents & files on Google Drive, emails & contacts on Gmail, schedule on Google calendar, addresses on Google maps, search history & trends on Google search…
You get the point. If someone gains access to your account that would be really bad news.
In this post I'll show you exactly what you need to do (right now), to protect your personal data and keep it safe.
Secure your personal Google Account data:
(1) Set a strong password.
Obvious, but at times not taken seriously enough.
- Bad Password: YourName123 (makes sense).
- Good Password: iWjl45q88-bp (makes no sense).
(2) Set up two step verification.
Even if you have the most complex password in the world, you'll be surprised to learn how simple it could be for someone with the wrong intentions to reveal that password. In fact, all it takes is 2 clicks to reveal all you hidden passwords.
By enabling two step verification for your account, you make it a lot harder for strangers to access your personal data.
What is 2 step verification & how does it work?
It’s a simple yet very powerful concept. Two step verification means that after you correctly submit your password, you're transferred to a secondary screen where you're asked to insert another code.
The verification code is sent (for free) within 5 seconds to your phone, via SMS or voice call. You then need to insert the 6 digits code into the password box in order to log into your account.
What is it good for?
Imagine someone's trying to hack into your account and managed to get hold of your password, which you'll be surprised to hear – isn't that difficult at all (more about that soon).
If you've enabled two step verification for your account, the evil hacker will have a slight problem after successfully typing in your password. He'll need to type in the 6 digits code which was sent to your phone.
And it gets even better.
Once the guy tries to hack into your account with the password – your phone (which is hopefully in your pocket) will get an SMS message with a 6 digit code.
Now do the math… if you weren't the one who requested the code – someone else did. And if that's the case it means someone is trying to hack into your account.
i.e. change your password immediately.
Doesn't it become irritating to insert two codes each time?
Not at all. If you're logging in to your account from a private computer, you can check the “Trusted Computer” box which will then allow you to log in with your password alone – just as you did before.
What if you don't have your phone or don't have reception?
Good question, but there’s a simple answer for that as well.
1) Backup codes.
Google allows you to print backup codes which are meant for exactly these type of situations. Each backup code is 8 digits long and can be used only once before being deactivated. You can print up to 10 codes each time, and generate new ones at any stage.
But if you're not into printing, I have good news for you. You can also install the Google Authenticator App on your phone or tablet, which allows you to generate the 2 step verification code directly on your phone. And best thing is that it works also without internet connection!
2) Recovery phone.
If you set up a recovery phone for your account, you can ask Google to send the code to that phone instead.
3) Trusted computers.
If you're without your phone or recovery codes, you can access your account via a trusted computer (since that computer won't ask you for the verification code).
Ok got it. How do I enable 2 step verification for my account?
Ready to get started? Follow these simple instructions.
* Google Apps users – the feature needs to be enabled at the top domain level in you Google Apps dashboard (ask in the comment section if you need help with this).
More things you should do right now.
(3) Review your connected apps.
Check which apps have permission to access your account and disconnect any apps that you're unfamiliar with.
(4) Check your account activity dashboard.
If at anytime you have a feeling that someone managed to hack into your account, log into your activity dashboard and search for suspicious behavior.
(5) Complete the 5 step security check up
Google launched a very handy dashboard called security check up, allowing you to review strengthen your account security.
It basically sums up everything we've learned so far in the most efficient and practical way.
- Your valuable, sensitive, personal data is stored on Google's servers.
- Protecting your data should be a top priority.
- A password alone is simply not good enough.
- There are several ways to boost your account security.
- Start by completing the 5 step security check up.