Lots of people use Gmail for their email, either using Google’s website in a web browser, or through an email client. You may use an @gmail address, or you may have a domain hosted on Google’s G Suite. When you use Google for your email—as well as for search, maps, and more—there are a number of security and privacy options you can set.
Google has a full set of tools you can use to check and tweak your security settings, for both Gmail and for the rest of its services. In this article, you will discover how to run a Google Security Checkup, a Privacy Checkup, and how to tweak Google’s settings, so your account is secure.
Begin by going to myaccount.google.com, where you can manage many of the settings for your Google account. You’ll see several main sections on this page, one for Privacy & Personalization, one for Security Checkup, one for Account storage, and one that offers to let you Take the Privacy Check-up. And there are additional options in the sidebar, such as your Personal Info, Data & Personalization, Security, People & Sharing, and Payments & Subscriptions.
Google Security Checkup
Start with the Security Checkup (this may display Security issues found, if there are issues you need to check). Click Secure Account in that section, sign into your account, and follow the instructions. There are five items in this checklist to run through.
This lists app-specific passwords that you have created for specific devices or services; you’ll see this if you have two-factor authentication turned on. In my case, Google tells me that there is an issue found, and asks me if I still need to use the app password for the Mail app on my Mac. Curiously, it shows the last time it was used – a few minutes ago at the time of this writing – so it’s clear I’m still using it. It also shows a password for an Android phone I own, that I haven’t used in months. Check if there are any passwords for apps you’ve tried out and no longer use. (I found a few.)
You can now check all your devices. These are computers, tablets, and smartphones that have logged into your Google account. If you’ve recently sold or given away a device, it’s a good idea to remove it from the list. Or if you see an unfamiliar device in the list, you should remove it. Click the three-dot menu and choose Sign Out. If you need more information, click Don’t recognize a device? and follow the instructions.
Recent security events
You can now see recent security events. This tells you when you logged into your account from different devices, and lists any changes you’ve made, such as to your password, or to your recovery phone number or email address. If anything looks suspicious, click Don’t recognize an event? and follow the instructions.
The next section is for 2-Step Verification. We’ve discussed two-step verification for a number of services, such as Amazon and iCloud. Google offers a similar feature, which protects your email and the rest of your Google account. It’s a good idea to set it up if you haven’t already. If you have already set up 2-Step Verification, you’ll see your phone numbers here, and you’ll also see if you have set up an authenticator app to create one-time codes. If not, you can turn on 2-Step Verification. (See this Google page for instructions on how to turn this on.)
In the Gmail settings section, you’ll see any addresses that you have blocked, but most of the settings for your Gmail account are accessible from within the account. See below for more on Gmail settings.
If you return to the main account page, you can access other settings in the sidebar.
This section is where you update information about yourself, such as your name, date of birth, and password; this is information that is visible to others in your Google profile. (Edit what is visible in the Choose what others see section at the bottom of the page.) You can edit your contact info – alternate email addresses, a recovery email address, and others. You can also edit and verify a phone number that you use for two-factor authentication.
Data & personalization
This section offers a number of options. You can Take the Privacy Checkup, which walks you through a number of settings about how much of your data is stored and/or shared. This covers your "Google experience," YouTube, Google Photos, information that others can see, and ad preferences.
In the Personalize your Google experience section, you can turn on or off the recording of certain types of information such as Web & App Activity, Location History, Device Information, Voice & Audio activity, YouTube Search History, and YouTube Watch History. You can then manage what you share on YouTube, manage Google Photos settings, and more.
In the Security section, you’ll see some settings that also show up in the Google Security Checkup, described above. But there is also a Signing in to other sites section, which lists any websites where you gave signed in with your Google account. It’s a good idea to check these. The Password Manager section lists passwords that you have stored in Google Chrome; these are independent of any third-party password manager you may use. And Linked Accounts are ones where you have given Google access to your data from third-party sites. Check those, if there are any.
People & sharing
This section gives you access to your contacts, if you are using an Android device or Chromebook, and also lets you manage location sharing and lets you choose what others see about you (which are also available in the Personalize your Google experience section discussed above).
Payments & subscriptions
This section covers payment information, purchases, subscriptions, and reservations that you have paid for with Google Pay. If you don’t use Google Pay, you won’t have any data here. However, I found that I had an old, expired credit card in the Payment methods section; I don’t remember ever using it, and it had expired two years ago, but I deleted it anyway.
Gmail security tips
The Gmail Security tips page gives you some advice on securing your Gmail account. The first step sends you to the Google Security Checkup discussed above. The second step is a number of security tips specific to a computer, an Android device, or an iPhone or iPad. It includes items such as creating a strong password, checking your Gmail settings (see below), updating your browser, and reporting scams, spam, and phishing.
To check settings for your Gmail account, log into that account. Above your inbox, to the right, you’ll see a gear icon. Click this, and you’ll see a number of settings. Most of these affect the way Gmail displays, how it handles different types of messages, any filtered or blocked addresses, and more. If you go to the Accounts tab, then the Google Account Settings, this takes you back to the main page where we started this article.
It’s a good idea to go through all of these security and privacy checks from time to time. Even if you only use Gmail, you still need to check your overall Google account settings to make sure your data is secure and your identity is protected. Google makes it fairly easy to manage security on your account, as long as you know where to look, but they also change the layout and scope of the settings, so if you haven’t checked them in a while, this would be a good time to do so.
Have something to say about this story? Share your comments below!