How To + Security & Privacy

How to Manage Gmail and Google Security and Privacy Settings

Posted on January 20th, 2016 by

Google Security and Privacy settings checklist

Lots of people use Gmail for their email, either using Google's website in a web browser, or through an email client. You may use a @gmail address, or you may have a domain hosted on Google Apps for Work. When you use Google for your email—as well as for search, maps, and more—you have a number of security and privacy options you can set.

Google has a good set of tools for checking and tweaking your security settings, for both Gmail and for the rest of its services. In this article, you will discover how to run a Google Security Checkup, a Privacy Checkup, and how to tweak Google's settings, so your account is secure. And I'll walk you through Google's Gmail Security Checklist.

Begin by going to, where you can manage many of the settings for your Google account. You'll see several sections on this page, one for Sign-in & security, one for Personal info & privacy, and another for Account Preferences.


Google Security Checkup

Start with the Security Checkup. Click Get Started in that section, sign into your account, and follow the instructions. There are five items in this checklist to run through.

Recovery Information Check

Google asks you to enter a recovery phone number and email address; these let you get back into your account if you've lost or forgotten your password, so it's a good idea to enter phone numbers. After filling that section in, click Done.

Recent Security Events Check

You can now see recent security events. This tells you when you logged into your account from different devices, and lists any changes you've made, such as to your password, or to your recovery phone or email. If anything looks suspicious, click Something Looks Wrong, and then follow the instructions. Otherwise, click Looks Good.

Connected Devices Check

You can now check all your connected devices. These are computers, tablets, and smartphones that have logged into your Google account. If you've recently sold or given away a device, it's a good idea to remove it from the list. Or if you see an unfamiliar device in the list, you should remove it. Click Something Looks Wrong, and follow the instructions.

Account Permissions Check

In the next section, you can check your Google account permissions. This is a list of apps and websites that are authorized to access your Gmail or Google account. If you've tried out email apps, for example, and granted them access to your Gmail account, but no longer use them, you should click Remove here for each of them. Click Done when you're finished.

2-Step Verification Settings Check

The final section is for 2-Step Verification. We've discussed two-step verification for a number of services, such as Amazon and iCloud. Google offers a similar feature, which protects your email and the rest of your Google account. It's a good idea to set it up if you haven't already. If you have already set up 2-Step Verification, you'll see your phone numbers here. If not, you can turn on 2-Step Verification. (See this Google page for instructions on how to turn this on.)

When you're all done, you'll see a summary of what you've checked. Click Continue to go back to your account settings page.


Google Privacy Checkup

The Privacy checkup offers another group of settings that you should check. From the account page, click Get Started under Privacy Checkup.

Most of these settings apply to Google+, YouTube, and what type of data Google stores, and who can view it. Have a look through these and adjust anything you don't like.

Gmail Security Checklist

The Gmail Security Checklist is a 9-step checklist that is specific to Gmail accounts. It includes items such as creating a strong password, setting your recovery options (which we saw above), checking your account for unusual activity (also above), and then looks at specific Gmail settings.

To check settings for your Gmail account, log into that account. Above your inbox, to the right, you'll see a gear icon. Click this, and you'll see a number of settings. The page in the Gmail Security Checklist shows which settings you should specifically check to ensure that your Gmail account is secure.

Other steps in this checklist tell you to check your computer for malware (such as with Intego VirusBarrier), ensuring that your operating system is up to date, and downloading important app updates as well. You sould especially make sure your web browser is up to date; if you access your email with a browser, security holes in this app could leak your email, or open you to security threats.

The checklist also helps you understand 2-Step Verification, avoid phishing and scams, and restrict which services and apps have access to your Google account.

It's a good idea to go through all of these security and privacy checks. Even if you only use Gmail, you still need to check your overall Google account settings to make sure your data is secure and your identity is protected. Google makes it fairly easy to manage security on your account, as long as you know where to look.

Have something to say about this story? Share your comments below! 

About Kirk McElhearn

Kirk McElhearn writes about Macs, iPods, iTunes, books, music and more on his blog Kirkville. He is co-host of the Intego Mac Podcast and PhotoActive, and a regular contributor to The Mac Security Blog, TidBITS, and several other websites and publications. Kirk has written more than twenty books, including Take Control books about iTunes, LaunchBar, and Scrivener. Follow him on Twitter at @mcelhearn. View all posts by Kirk McElhearn →
  • crashwrite

    It’s actually not possible to ‘secure’ a gmail account, as the single biggest security threat to that account is Google, themselves.

    If I were to offer you $2, would you allow me to download all of your emails, analyze them and then use the information I found in order to sell you stuff? If you wouldn’t allow me to do that, why would you give Google that deal?

    The best way to secure a gmail account is to delete it. Then, go to Rackspace or and pay them a nominal fee to provide you with enterprise-grade email service and support. If $2/month is over your budget, then use iCloud. Apple’s stated policy, at least, is that they don’t scan iCloud emails for advertising purposes.

  • JanetHudgins

    My university email address has been hacked by the 400lb boy sitting on the edge of a cot. He was able to go directly to the inboxes of three people. Also, expect the same person tried to blackmail me. And there are the dailies from the wannbe pimp. I’m not well versed in tech stuff, just need to protect myself from the lonely creeps of the world. Any advice gratefully received.

  • James Larew

    Google security settings. I have changed to a different login & Password because GOOGLE requires it, Have used 1 ID for 5 or 6 years withut a preoblem! I have phone, and settop box that is GOOGLE oriented. Recently changed password on my trusty box on back of my Monitor and Now don’t have access to my chrome box. Hate it when GOOGLE makes me screw up my own way of using a google. Anyone know anything else I can do to get google to let me use my own 5 or more year old GOOGLE system. They haven’t removed my access to my phone yet, hate to even think about that!!!!!!!