Gmail, Google's popular and free email service, informs its users of any suspicious activity on their account. This includes any suspicious new login. Every time you use a new device (like a new smartphone or tablet, or a shared computer somewhere) to log in to your Gmail account, Google sends an alert to the device you specified to receive security alerts.
Suspicious logins include those that do not follow the usual login pattern, such as logging in from an unknown location. In most cases, Google will ask the user some security questions. If they don't respond and give up trying to sign in, Google will send an alert to the device or account designated by the owner.
In unfortunate cases when someone tries to hack into your Gmail account, the alerts that Google will send will only provide one data point – a login date, a browser, a location. But what if your email has been compromised and it is not a one-time situation, but something that has been going on for a while? What if someone has been monitoring your email activity or sending malicious emails on your behalf? In this article, we will show you how to do a thorough and effective review of your Gmail login history, so you can detect if there has been a pattern of use by an unauthorized user.
Getting to the bottom of the problem
To detect unauthorized users, you must know who the authorized users are. More specifically, Gmail doesn't really track users, it tracks sessions. These sessions are identified by the device, the browser software and the IP address used for access. Consequently, you will need to know what devices you have used to access your Gmail account, the IP addresses from which you accessed it, the browsers you used to do so, and the exact dates when you logged in to check your email. .
The second step is to check your login history to determine when and where someone else used your account. By doing this, you can mark unauthorized access points and prevent them from happening again.
Checking Gmail login history
If you want to see your Gmail login history, you must first log into your account. At the bottom right of your dashboard, click the Details button. This should open a new tab with your account activity information.
The tables you see list the browser used, the IP address, the country of origin, and the login date and time. From this new tab, you can choose to log out of all active web sessions if you see any foreign activity.
You can also check other details regarding each login by clicking the Show details link next to the browser tag.
Another way to see your login history is to visit the Recent security events page. There you can view new logins from unauthorized locations and bookmark them.
You should also know that if you use another device, such as an iPhone with a 3G network, the address will be different from that of your home or office computer. Once you know both directions, you should be able to know which logins were not authorized. (See our related article to find out if someone else is using your Gmail account.)
Beware of the VPN
You can immediately detect a rash of suspicious logins from another location. However, before concluding that you were hacked, check to see if you have been using a virtual private network (VPN) package to cover your web browsing tracks. VPNs usually spoof Internet IP tracking mechanisms to make your computer appear to be somewhere else (and someone); if you had a VPN In execution, it can be a bit tricky for you to make heads of your session logs.
This is not an argument for not running a VPN, by the way. VPNs definitely add a layer of security to your online sessions. However, be aware that they can complicate efforts to interpret security logs.
Why it is important to check Gmail login history
By the very nature of being a cloud-based email service, Google cannot simply automatically block IP addresses and unauthorized devices from logging into an account. They would be blocking their legitimate users every time those users changed phones or used a different machine. The only steps they can take are the ones they take, marking potentially suspicious events as mysterious logins for your attention.
Most of us don't change our passwords regularly, if at all, so checking your login history from time to time is a good way to detect any mischief that occurs with your email. It doesn't take long, and prevention is better than cure. Also, even if you change your password regularly, you may not always know if someone has a keylogger on your computer or some other way to find out your password. If you encounter authorized legitimate logins, but since times and dates you knew you weren't in Gmail, maybe someone has physical access to your machine and is taking advantage of it.
The best way to keep your Gmail account secure is to periodically check your login history and report on devices that shouldn't have access to the account. The good news is that any new access point is marked by Gmail. You should receive a notification email almost instantly so you can take quick action.
Other security steps
There are other proactive steps you can take to increase the security of your Gmail account.
One step is to set up a recovery email and phone number, if you have not already done so, an email and phone number that you know are not compromised, so that in the worst case you can recover control of any hacked account. This is simple and easy to do; Google will guide you through the process.
Turn on Gmail 2-Verification steps from your computer
Another step is to set up two-step verification on your account. Two-step verification adds another step to the login process. In addition to your username and password, you can have a physical device that you insert into the machine you are using to validate that it is you, or you can have Google call or text you with an authorization code. You can also have Google send a message directly to your physical log phone to verify that it is you. These steps can be a bit annoying if you sign in frequently, but they make it virtually impossible for someone to hack into your Gmail account without physically compromising their systems. To configure two-step verification:
- Go to your Google account.
- In the left navigation panel, click Security.
- About him Logging into Google panel, click 2-Verification steps.
- Click Start.
- Follow the steps on the screen.
Turn on Gmail 2-Step Verification on Android
- On your Android device, open your device's Settings, then Touchez Google.
- Select Manage Google Account.
- Then Touchez Security.
- Select 2-Step Verification from the Sign In to Google menu.
- Touchez Get started and follow the on-screen steps.
Set up backups
Setting up an account backup is a safety net to access your account in case you forget your password, lose your device or get locked out of your account for other reasons. To configure backups, follow these steps:
- Sign in to your Google account.
- Touchez Security
- Touchez on 2-Step Verification in the Sign in to Google panel.
- Add at least one of these second steps:
- Authentication application codes
- Backup codes
- Backup phone