20 September 2011

How to Make Your Google Accounts More Secure

how to make gmail more secureFor many of us, a Gmail password is not just a Gmail password. It's a passport to our Google Docs account, our AdWords campaigns, our personal Google calendars, Google Docs and more. That's not to mention access to Gmail itself, through which someone can find tax returns, private email conversations and other data to pull off identity or credit card theft. If you are using Google business apps, you risk damage to your company if staff members' accounts are insecure.

Luckily, Google has a vested interest in keeping your information as secure as possible. Follow Google's own Security Checklist for concrete steps to put your Google Account on lockdown, and pay special attention to the advice below.

1. Check for Third-Party and Updated Browser Extensions

Checking your browser for plug-ins, extensions, and applications that may have access to your Google account is a step that merits special attention, particularly because Google doesn't tell you how to do this.

Internet Explorer
This support page tells you how to disable browser helper objects in IE. If you want to disable third party extensions entirely, click Tools, Internet Options, Advanced, and uncheck the "Enable third party browser extensions" box under "Browsing". You will need to restart the browser for the setting to take effect.

This page automatically detects your Firefox plugins and ensures that they are up to date.

Google Chrome

Google has asked Chrome extension developers to include automatic updates with their extensions to make Google Chrome more secure.

2. Change Your Password Often

Most of us ignore this simple step, not just for our Google Accounts, but all accounts that we use. While there is no set rule to changing your passwords, I've aimed for about once a month since my Zhang attack.

3. Set up Two-Step Verification

This is the most important step in Google's Security Checklist. Two-step verification adds an extra layer of security to your Google account by requiring a special code to be entered on trusted computers once every 30 days, and any time you are accessing the account from a non-trusted computer. But this doesn't happen by default; you have to set it up with Google first.

I'll add that printing your backup verification codes is more secure than saving them to a text file. If you do choose to save them to a text file, don't name it "Backup Google Codes" or something similar.

While signing up for two-step verification with Google is self-explanatory, this video from Google helps it make a lot more sense.

4. Require Google Accounts Used For Business to Be Secure

If you run a small business, ask all of your employees and contractors to run through the Google Security Checklist for their Google accounts. If you share Docs or other applications with clients, create a special outward-facing Gmail address that you can share with other Gmail users who may potentially be insecure themselves.

If you have a good ongoing working relationship with a client with Google accounts, send them this article and ask them to run through Google's suggested steps.

If you are concerned about security in your industry, have contractors and employees sign a contract that requires them to ensure that their Google Accounts are secure and use two-step verification.

The bottom line is that keeping your Google Account secure requires a bit of extra work. Considering that our Google accounts are digital keychains to our online lives, though, it's definitely time well spent.

For professional and affordable IT tech support, feel free to contact us at Farend, for no obligation quotation.

The above article was originally published by PCWorld and can be seen here.