Email is a necessary evil in our society. Although you may text and chat with your friends and family, you have to communicate via email in the business world. With such sensitive information in your inbox, and your account being accessible via multiple devices, you should take the security of your email account very seriously.
If you are using Gmail by Google, here are some tips on how to effectively protect your account, and all of your valuable information.
1. Keep your account updated
Google has a variety of useful security options. Input your mobile phone number to receive text alerts whenever anyone signs in on a device you haven’t specifically listed or uses an incorrect password. You can also input a recovery email address for the same purpose.
Gmail also allows you to log in with an alternate email address as well, in the event you forget your username or password, although I find this step to be more of a liability than a security feature.
2. Use a strong password
I know it’s a pain, and I get that you’re inundated with logins from work and home. I live in the same world you do, but the reality is that you need to use different passwords for every account. Your email account should be the strongest one, because it’s where all your other password recovery options are sent to. It should have a mixture of uppercase and lowercase letters, numbers, and special characters.
It’s easier than it sounds. If you want your password to be “password,” simply make a few adjustments, and you can use pa55Word!, Pa55word!, or [email protected] That’s three separate passwords using the most common (and worst) password you can use.
This is for your own protection. Otherwise, if a hacker gets your password from the Target or Sony data breaches, he can access your email, bank account, and everything else in your life. Everything is suddenly insecure because of some hacker breaking into a video game or retail store’s network…savvy?
3. Activate two-step authentication
Passwords are like locks on a door–they keeps you safe to the point that someone wants to use brute force to gain entry. In these cases, security systems like ADT are helpful for your home. For your email, this comes in the form of two-step authentication.
When you activate two-step authentication and download the Google Authenticator app on your smartphone or tablet, you’ll be asked to enter a code from the app every time you log in to your email account. This means that the only way someone can access your account is with access to your device (and knowledge of the authenticator app). You can also generate ten keys at a time to use when you don’t have access to your phone.
4. Protect your devices
In case you haven’t noticed, the majority of these security options assume you have your phone. Unfortunately, your phone is likely to be lost or stolen. If someone takes your phone, they’ll have full access to anything in your email, as you likely don’t have it set to force you to log in each time you access it. The security of the device is vital at this point
Password protect your devices. In the event a device is lost or stolen, ensure you deactivate/track it remotely using Android Device Manager, Find My iPhone, or a third party app, such as Lookout. Also, log in to your email from a computer and migrate your security options away from that phone.
5. Secure your connection
Gmail automatically defaults to a secure HTTPS connection, but that’s not enough for me. You don’t have to go through the process of encrypting your email, but I’d recommend it. It’s the difference between sending a postcard, and a letter in a sealed envelope. Your account is secure either way, but with encryption your messages are secure while transmitting to other accounts.
I access my email through Thunderbird, a free email app from Mozilla (the makers of Firefox). This allows me to pull the emails off Google’s servers and on to my local hard drive. In addition, I’m able to encrypt my email with a PGP extension prior to it even hitting Google’s servers. Some people I know even reroute emails through various forums to ensure they’re untraceable.
6. Use common sense
You can build the most secure email system in the world, but it’s still only as secure as the end-user. If you click random links in your email, you’ll compromise your account. If you write your passwords down, you’re compromising your account. You are in charge of keeping your account secure.