5 Steps to Secure Gmail Account from Hackers

Best Anti-malware

MalwareFox Premium

  • Removes Malware which Antivirus cannot
  • Protects from Ransomware Attacks
  • Lightweight and Fast Detection

We first knew about email in 1960's. It became an alternative to the traditional snail mail. By the 1990's, it became the leading information exchange method around the world. In the new millennium, Web 2.0 introduced an original purpose to the simple email.

Today, online presence is as significant as your offline identity. Social media, online bank portals, and even blogs require registration. Your email evolved to an actual identification method online.

Gmail has evolved from a simple HTML-based webmail to a universe of services and products. Google Drive, Google Calendar, and YouTube are just a few of the most popular Google consumer products. Your smartphone running on Android is also tightly connected to your Gmail. Even businesses run on Google network through AdWords, AdSense, and Google Analytics.

Your Gmail is one of the most influential tools that you have. Gaining access to your Gmail also means gaining access to most of your personal information. And hackers know this so well. Email remains as one of the most popular targets of attacks by cybercriminals. The amount of information going through an unsecured email account puts you at risk.

Securing your Gmail account should be a top priority right after registration. Even those who have old gmail should make sure that proper security measures are in place. Follow the steps below to secure your Gmail account from hackers.

Step 1 - Update First Layer Security

During registration, you have probably set-up your first layer of protection. It includes your password, recovery information (phone and email), and security question. The first layer of security protects your account from unauthorized login attempts.

Your first layer of security should always be updated, especially if you have an old Gmail account.

Log in to your Google Account. Under Sign-in & security, click Signing in to Google.

Go to Password & sign-in method. In Password, you will see when you last updated your password. Click and update your password if it is older than six months.

Scroll down to Account recovery options. Check if your recovery email, recovery phone, and security question are correct. Update if necessary.

You will be required to enter your current password if you want to update any of the information above.

  Layered Security Configuration

Step 2 - Set-up Second Layer Security

The first layer of security described above is not enough protection. Hackers get smarter and smarter. Malware varieties are also getting more sophisticated. Thankfully, Google has made Gmail more secure by offering second layer security options.

Go back to the Sign-in & security page. Click 2-Step Verification under Password & sign-in method.

The 2-Step Verification adds another protection layer to your account. Whenever you log in, Google will ask for a code sent to your mobile phone through SMS. Hackers will have a difficult time hacking into your account even if they have your password.

In the 2-Step Verification page, set-up an active phone number. Go through the process, and it should have the green "Verified" label on your account.

Do not forget to download the Backup Codes. You can use the backup codes in case you don't have access to your phone. Keep this in a safe location and do not upload this to any cloud storage services.

Additionally, Google developed more methods of security to protect your account further.

You can set-up Google prompt if you don't want to receive SMS every time you log in. The Authenticator app also functions like the 2-step verification. But it works even when you're offline or out of service areas. It is recommended to set-up a Backup phone just in case you lose yours. Security Key is the most reliable protection you can set-up for your Gmail.

Step 3 - Review Gmail Activities

One of the best features of Gmail is the ability to monitor the activities in your account. There are three things you should be taking note: account notifications, email forwarding, and third-party actions.

First, go to Sign-in & security page. In Devices activity & notifications, review both Recent security events and Recently used devices.

All applications and devices using your Gmail account should be listed here. If there are unknown apps or devices registered, they can access to your account. Perform a security check right away.

Second, log in to your Gmail account. Click the cog icon in the top right corner. Choose Settings from the drop-down menu.

In Settings, go to Forwarding and POP/IMAP tab. Check if all emails in Forwarding are set-up by you. Make sure that the settings in both POP and IMAP are yours as well. POP/IMAP protocols are used by third-party email clients to access your emails and Gmail account information. Disable these options if you are not using any email clients.

Lastly, scroll down to the very bottom of the web page. Locate the small Details link.

It will open a new window. You will see all account activities and access types. Make sure that everything listed is consistent with your logins. Check for any inconsistencies in location and access type. Perform a security check once you see anything suspicious.

Step 4 - Clean-up Account Access

The convenience of signing in using the Gmail profile in most websites also creates vulnerabilities. Some sites may gain access through session hijacking[Session Hijacking Controls your Account without Password: How to]. It is necessary to check what applications and websites have access to your account.

Go to your accounts Sign-in & security page. Scroll down to Apps with account access. Click Manage apps under Apps with access to your account.

You will see that applications with access to your account information. It also includes Android applications on your phone. Review each application and its access. Click on any app, and it will list the services it can access.

Remove access to any applications you haven't use in six months. Only keep trusted and frequently used apps.

  3 Steps to Recover Hacked Gmail Account

Step 5 - Ensure Computer Security

While your email is typically not local on your machine, it is still essential to keep your computer free of threats. Malware residing in your system may gain access to your login information. Hackers can freely log in to your Gmail once they capture the data. Or worse, gain access to more essential websites and portals.

Keep your computer clean by installing antivirus and anti-malware applications. Good examples are Avira and MalwareFox. The security applications will provide real-time protection. Additionally, schedule regular scans to make sure no malicious applications are hiding on your computer.

Also, keep everything updated. New patches are regularly available to most modern operating systems. Keep your browser updated as well. The security systems mentioned above should always be up-to-date too.

Final Thoughts

Gmail has gained importance in the last few years. It became a one-stop-shop for most of your online presence. Keeping it safe should be one of your top priorities.

Avoid clicking on unrecognized links in your emails. Moreover, be careful in downloading attachments. Only trust on emails which is sent by known and familiar sources. Delete anything that looks unfamiliar or suspicious. Be extra vigilant of the emails about promos, deals, and click bait.

  Is my Gmail Hacked? How to Tell in 4 Steps

12 thoughts on “5 Steps to Secure Gmail Account from Hackers”

  1. Yes I am interested in the protection on my email address and phone number so I can text message very often since I am hearing impaired guy from Greenville SC and I have no idea how to do for my protection my full Personal information because I have changed my phone number then I have tried to email address to the Twitter account so they denied me because I have forgotten to send my email to the Twitter account so Thanks

  2. Hello.

    Thanks for the write-up.

    I would like to ask a more direct question. If POP and IMP are “disabled” in my Gmail account, does that block a hacker making a request to retrieve my emails if they happen to know my username and password?

    • If someone knows your username and password, nothing can stop them to access your account.
      You must have 2 Factor authentication enabled to avoid access using only password.


Leave a Comment