In today’s day and age, a compromised email account can have a debilitating effect on an individual. We use email to do everything from contacting friends and colleagues, to sending sensitive documents to realtors. Here are some tips that you can use to reduce the risk of your Gmail information getting compromised by hackers.
- Use a strong password. This step is often overlooked which is unfortunate because a brute force attack can easily crack a weak password by trying millions of precompiled password combinations. There are multiple aspects to a strong password.
– It should avoid using real words such as cat or dog as these words are easily found in a dictionary which means an attacked can literally try every combination of words found in the dictionary to eventually crack your password.
– The longer the password, the harder it is to crack. There’s multiple schools of thoughts regarding what a minimum password length should be but many agree that 12 characters will provide a medium level of security and 20+ characters will significantly increase the difficulty associated with cracking a password.
– It should include special characters and if allowed, spaces (pressing the space bar) - Enable two factor authentication.
– The beauty of two factor authentication is that it essentially serves as your guardian angel. Imagine this, a hacker has gained your password, logs into Gmail, enters the stolen credentials, and bam! They’re hit with a message that states that they must wait until a confirmation is received in order to log in. Well that’s what happens when you enable two factor authentication. Using Gmail you have multiple options for your second factor of authentication. A physical key such as a YubiKey, a SMS text that contains a one time usable code, Google Authenticator which acts as a digital authentication token, and prompt that’s generate on your phone to confirm that you want to log in, or a voice call. - Avoid reusing passwords.
– So you used a strong password for Gmail, great! However, you used the same password on another websites and guess what? The company forgot to properly protect your password and was hacked and now the hacker has a list of all emails and passwords associated with said hacked website. The hacker, being a curious individual, attempts to log into your email using the stolen password from the hacked site and guess what? He now has access to your email account! This is essentially what happens when emails and passwords are obtained from a breach.
Two factor authentication can help thwart this however, why take the risk and race against the hacker to enable two factor authentication before he can log into your account when you can just limit your risk by creating multiple strong passwords (assuming two factor authentication hasn’t already been enabled)? You can also use a password manager to securely store your strong passwords for all of your sites. By using a password manager, you only need to remember one password and once logged in, you can see all the passwords that you created in the tool! - Avoid falling prey to phishing attacks.
– This point can be it’s own topic and there have been 100s of booked published regarding social engineering so to avoid going into the rabbit hole, I’ll provide you with a few high level tips. Always check the URL listed in an email to make sure that it actually goes to the site in question. You can enter the email into multiple websites to confirm if it’s the intended site, hover over a hyper link to see the full URL path, or go directly to the website if you still don’t trust the link in question. Always err on the side of caution when dealing with suspicious emails. If you received an email from a coworker and something doesn’t feel right. Simply call them or walk to their desk and confirm that they indeed sent you the message.
There are additional tips you can use to secure your digital identity; however, the above tips are great starting points.