Is your Google Account secure? Here are the things you should do to make sure it is.

I was just thinking about passwords and security the other day, and I got a little electric jolt.

What if my Gmail accounts got hacked?

How in the world would I get them back?

My accounts are my identity and lifeblood online.

If they got hacked, I’d have to call Google, for sure.. but how would they know it’s me and not someone posing as me?

They’d need personal information, right?

So here’s the MINIMUM of what you should do with your Gmail account.

There is much more of course, like making all your emails copy over to another email address as safekeeping, but here are some quick essentials.

It takes about half an hour for each email account, and 20 minutes thereafter as you start to get quicker at it.

1. Associate a phone number with your Google Account

If you use Gmail and don’t know how to get to your Google Account:

Settings (Top Right) > Accounts and Import > Google Account Settings (At the bottom)

Select: Password Recovery Options

Enter in a mobile phone number so that you receive an SMS text with a password-reset code on it to your cellphone.

This way, any time someone tries to reset your password (and it isn’t you), you will get texted.

2. Set up another Gmail account JUST for a password reset

I had to do this for all my email addresses.

You can name it something similar so you remember it.

So if you have an email address called:

Then name your password reset gmail account as:

Or something to that effect.

What to remember:

DO NOT use this email address for anything else.

Give it an entirely different password.

For each email address that was a password reset one, I gave them each a different password from the rest.

Just log into it once in a while, manually with a wired internet cable to keep it fresh, but leave it be.

Do not forward those emails from your Password Reset account to your regular account. It just defeats the purpose of having it there.

Set up in your Google Calendar a reminder to log in every 3 – 8 months so you don’t miss the deadlines and your account won’t be deleted.

Note: It’s really 9 consecutive months, but I like leaving a month out just to be sure.

3. Record down these 4 important bits of information:

This is just in case you need to call Google and they will have to  verify you are who you say you are.

Your first email ever received

  • Sender
  • Subject
  • Date
  • Time

To find your first email do the following:

All Mail (Under Labels) > Oldest > Scroll to the bottom

…And your first email ever sent

  • Sender
  • Subject
  • Date
  • Time

Click on Sent Items (Under Labels) > Oldest > Scroll to the bottom

Your list of personal Labels

If you use this function, you probably have something like:

  • Friends
  • Work
  • Family
  • Project A
  • Event B

Write them all down, and keep them safe for just in case something happens. Google will want that info.

Your top 20 contacts

Click on Contacts (On the right) > Export (Upper right of the box) > Select: Most Contacted

And export it in whatever format you’d like.

Re-label it, and store it in a safe place so you can refer back to it just in case you need to.

4. Don’t record questions or answers that are easy to find out

Such as mom’s maiden name, your high school, first pet, favourite colour… you get the drift.

Pick something totally, utterly random and obscure, WRITE YOUR OWN QUESTION, and make sure that only you would know what you are referencing.

Examples of Random “Write your own Questions”

  • Colour of that sweatshirt I stole from Linda the night we both fell in the pond
  • Place where I danced to the tune of that old Audrey Hepburn movie I like


5. Do the same info recording for your other Google Accounts

Most notably Feedburner, Adsense, Orkut..

Anything that is linked to your Google Account in some way, that you will need to verify.

Write down specific information from each account and store it.

6. Set your Gmail to always use https

Click on Settings > Always use HTTPS and Save.

It’s a secure connection, and may take you longer to navigate and use Gmail but is well worth it

7. Check out your Activity Details Log at the very bottom of your Gmail screen

See what IP addresses are accessing your mail.

Click on Details and a window will pop up:

The window should only show ONE IP address — yours.

(Not my IP address shown below)

Passwords can be hacked, but don’t be an easy target

Remember: do not use passwords like “God” or “password” or “qwerty”.

They are easily hacked and guessed.

Do a twisted combination of UPPERCASE, lowercase, numbers, and symbols if you can.

If you have a hard time remembering passwords, think of a sentence that means something to you, and take the first letter of each word, and substitute words like “for” or “to” with numbers instead.

Feel like doing more?

Check out these sources for more paranoia:

About the Author

Just a girl trying to find a balance between being a Shopaholic and a Saver. I cleared $60,000 in 18 months earning $65,000 gross/year. Now I am self-employed, and you can read more about my story here, or visit my other blog: The Everyday Minimalist.