In a sensational news last week, some hackers from Russia stole more than 4.9 million Google accounts and passwords and published them on an online Bitcoin community, resulting in one of the biggest instances of security breach that has hit the Internet giant. However none of the Internet systems of Google have been broken into and it was mostly confined to third-party websites and applications where the users login with their Gmail IDs. Most of the passwords are quite hold, thus limiting the damage caused by the incident. However, it raises a pertinent question – in a world where almost every Internet user has a Google Account, are we doing enough to make sure that our account is secure ?
In this article, let’s take a look at the most common security mistakes that we do when it comes to protecting our Google accounts, and how can we overcome them:
Problem 1: Weak Passwords
Most of the so called hackers are not genius geeks and they mostly rely on brute force attack or information harvesting to break into the online accounts. And we help them by keeping easy to remember – and guess – passwords. Should you really blame the bad-bad world if your ID is john.doe and password is john123 ?
There is no alternative of a tough and easy to guess password. Make it at least 8 characters long with a combination of alphabets, numbers and special characters, easy to remember and difficult to guess. Do not share your Gmail password with anyone or any application other than Google. Remember, your Gmail password is not just about email, it is your passport to Google docs, Social media, Android Mobile, personal information and much more; and it deserves more attention.
Problem 2: Insecure Computer or Browsers
Let’s face it, the best Anti Virus Software is often not free. In order to save money on Anti Virus, or out of sheer ignorance, we sometimes fail to properly secure our computers. Vulnerabilities can creep inside the machine in the form of Trojan Horse or Malware. This kind of situation not only threatens your Internet accounts, but also the personal data.
Secure your computer by investing in a good antivirus with firewall, keep the anti-virus signatures updated on a daily basis and schedule regular scans. Cooperate with the Operating System makers and install the latest OS updates as soon as they come. Make sure that you have the latest versions of the Internet browsers. Be vary of third-party browser plugins and do not install them on your primary browser unless you are totally sure of their trustworthiness. Stay away from suspicious sites which may try to push a malware to your computer.
Problem 3: Password Harvesting
There are many third-party sites which require a login with our email ID and a password. Sometimes, for the ease of remembering, for passwords to these sites we give the same passwords which exists for our Gmail (or any other email). Now the security levels on these sites may not be at par with what giants like Google, Yahoo or Facebook have in place. As in the current incident, these third-party websites, when hacked, become the prime source of harvested IDs and passwords.
Never ever use your Gmail password to create login on any other website. It must be unique and should be used only for the purpose it was created. If you are worried about having too many passwords, then you can either use a password manager or simple create different tiers of passwords, the important ones for your email, paypal, netbanking etc; a common set of difficult passwords for important websites and simpler passwords for not so important/ secure websites.
Other ways of securing your Gmail
- Make use of the 2-step authentication of Google. That will practically eliminate any chances of you ever getting hacked.
- Update your password, security questions and recovery email.
- Always use a secure connection when trying to login. Do not hit a url which is not https or which does not come from Google.
- Always sign out and clear cookies after using a public computer.
- Run scans, clear cookies, caches and saved passwords on a regular basis.
For more, please visit the Google Support website here