See the original question here.
Google Guidelines (Answered by Al E.)
Google offers quite a few tools to help you keep unwanted persons out of your account, but they only work if you activate them.
Keep Your Account Recovery Options Up to Date
Mobile
telephone number: If you forget your password, or if there is unusual
activity on your account, Google can send you a security code via SMS
for you to prove you are who you say you are. If someone has your
account password it's quite unlikely they've also got your mobile phone.
Google will only use your number for security purposes. Important: Keep
this up to date! This won't be of much use if Google sends security
codes to a phone number you no longer use.
Recovery
email address: Similar to the mobile phone number, this is a different
email address where Google will send security codes and other important
security messages, like when you've forgotten your username and/or your
password. If you don't have a second email address, you can always use
the email address of someone you trust (like a spouse).
Alternative
email address: This is different from the recovery email address in
that this is a second address that you can use to sign in to your Google
account. It also cannot be a Gmail account or an address that's
associated with a different Google account.
Use Two-Step Verification
This
may be the single best way to protect your account. When you log in
from an untrusted device, you'll be prompted not only for your password
but also for a six-digit code sent to you that's unique for your device.
Even if someone has your password, if they don't have access to your
secondary device where your code is sent, then they can't complete the
login.
In
case of emergency (if you've lost your phone or its battery dies), you
can also generate a list of ten one-use codes that you can print out and
keep in a safe place to use when accessing Gmail from a previously
untrusted device. Notice, that "two-step verification" is not necessarily the same as "two-factor authentication," which can be even tougher to crack.
Use a Strong, Unique Password
There
are lots of places to get advice on how to create a strong password
online, so I won't belabor it again here. Just as important, however, is
to never use the password for your Google account anywhere else. Every
month it seems there's news of a site that has had user credentials
stolen. While you may not care about the data that was on that site,
since so many people re-use passwords that's where the value lies for
the bad guys.
Think
about it: If you forget the password to your bank account, where does
the reset password link get sent? Your email address. The password for
your email should be the strongest of all.
Set Gmail to Always Use HTTPS (SSL)
Unless
there is a technical reason not to, you should have Gmail set to always
use a secure connection (HTTPS). This setting is found under Settings
> General > Browser Connection.
When Using a Shared/Public Computer...
Use
"private" or "incognito" mode in the browser: These modes (available in
most modern browsers) prevent the storage of web history, form data, or
cookies. If you can't use this mode, be sure to clear history and
cookies after you log out.
Log out from your account when you're done: This should go without saying, but people forget.
Don't Fall for Phishing Attempts
No
site should be asking you for your Google Account password except
Google. Don't enter your password on any page you reach after following a
link, even from someone you trust. Go straight to https://www.gmail.com or https://accounts.google.com/ServiceLogin instead.
Keep Your System Secure and Up-to-Date
Keep up with OS and browser updates. Make sure you use a trustworthy malware/virus scanner and keep it up to date as well.
Ingen kommentarer:
Legg inn en kommentar