[DOIT] Free Google Security Checkup
As part of “Safer Internet Day 2016” Google is encouraging everyone to do a Security Checkup. As a reward for completing this two-minute task, you'll get a free boost of 2 GB in your Google Drive storage allotment. Even if you don't care about the extra storage, I do strongly recommend that you take the Security Checkup. And when you're done, I have an extra credit assignment for you...
What is the Google Security Checkup?
It's becoming a more dangerous world every day, both offline and online. So it makes sense to take a good look at your security practices, and ensure that everything is in order. You may remember that last year, Google made the same offer of free online storage for completing the checkup. So YES, you can (and should) do it again. You should see the extra 2GB in your Google Drive account shortly afterwards.
The steps below will help you secure your accounts from unauthorized access, and recover them if they are ever compromised. Here is a guide to what you'll see in the five-step Security Checkup. (That's the link to start the checkup.)
Step One is to add or double-check your account-recovery information, which includes the alternate email address and/or phone number that Google can use to contact you and verify your identity in the event your account is compromised.
Let me emphasize something here, because silly rumors abound. Google doesn't want or need your cell phone number. Nor will they call you at 3am, or sell your number to spammers. HOWEVER, if YOU CHOOSE to provide it here, it can be used to recover your account in the event that it is ever compromised.
Last year, Google gave the option to provide the answer to a secret question that confirms you are who you claim to be. But Google no longer supports security questions as a way to access your account. When I did my checkup, the security question was still there, but with no option to change it. Remove that option if it appears in your recovery section.
Next, check your connected devices to see if anything looks suspicious. For instance, does it show that you logged in from somewhere in Texas when you know you were in Colorado? Does it show that your account was accessed by an iPad, and you have only desktop PCs? If you suspect unauthorized use of your Google account, change its password immediately.
In the third step, you'll check your account permissions and decide whether to allow certain websites and apps to access your Google account. Make sure you recognize, use and trust all of the items that appear here, or remove the ones you don’t. For example, mine showed that Google Chrome, Pushbullet and SMS Backup+ were connected, with varying degrees of access. I recognize those apps, so no action was required. I wasn't sure why Motorola Store had access, so I nuked that one.
Fourth, review your app passwords. This step won't appear for all users. Google generates passwords for apps that don’t use 2-Step Verification. Please make sure you only store passwords for apps you know, use and trust.
Fifth, check your 2-Step Verification settings. This step will only appear if you are using 2-Step Verification. I strongly recommend the use of 2-Step Verification, to add an extra layer of security to your Google account, and other online accounts when it is offered.
If it's enabled for your account, make sure your 2-Step Verification settings are up to date. Use the 2-Step Verification settings page to configure how you will receive verification codes, or to generate a printable list of backup codes that can be used when your phone is unavailable.
Do the Two-Step
“2-Step Verification” is one of the easiest and best protections against account hijacking available. (See my article IMPORTANT: An Extra Layer of Security.) Any log-in attempt requires both your password and your mobile phone. You type in the password and Google sends a one-time code to your phone via SMS message or automated voice call. Even if hackers obtain or guess your password they can’t access your Google account without the access code. (You do have a screen lock on your mobile phone, right?) You can also get a printable list of two-factor authentication codes, to use in the event that you don't have access to a phone.
After 2-step verification is used at least once on a given computer, you can tell Google not to require it again on that particular computer. I’d recommend this time-saving option only for computers that are secured in your home or office, not for laptops that are more likely to go missing.
For Extra Credit (and Protection)
Once you've finished the Google security checkup, I encourage you to read (or re-read) these articles to make sure you've got all the other computer and Internet security bases covered:
- Protect Your Computer With Free Anti-Virus Software
- Computer Security: The Missing Link
- Wireless Network Security Checklist
- Do I Really Need a Firewall?
- Downloading? Watch Out For These Danger Signs
Your thoughts on this topic are welcome. Post your comment or question below...
This article was posted by Bob Rankin on 10 Feb 2016
|For Fun: Buy Bob a Snickers.|
[ZAP!] Don't Buy the Wrong USB-C Cable
The Top Twenty
Geekly Update - 11 February 2016
Post your Comments, Questions or Suggestions
Free Tech Support -- Ask Bob Rankin
Subscribe to AskBobRankin Updates: Free Newsletter
Copyright © 2005 - Bob Rankin - All Rights Reserved
Article information: AskBobRankin -- [DOIT] Free Google Security Checkup (Posted: 10 Feb 2016)
Copyright © 2005 - Bob Rankin - All Rights Reserved