• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

All Things Secured

Online Security Made Simple

FREE ONLINE SECURITY CHECKLIST! DOWNLOAD NOW

  • Security Basics
    • Start Here (Security Guide)
    • What is a Digital Footprint?
    • What is a VPN?
    • What is 2-Factor Authentication?
    • What is SmartDNS?
    • Bad Security Habits
    • Http vs Https?
  • VPN Security
    • Best VPNs 2023
    • Best Free VPNs 2023
    • VPN Reviews
      • ExpressVPN Review
      • Surfshark Review
      • NordVPN Review
      • ProtonVPN Review
      • VyprVPN Review
      • Mozilla VPN Review
      • IPVanish Review
      • Avast VPN Review
      • Ivacy VPN Review
      • PureVPN Review
      • Atlas VPN Review
    • Frequent Asked Questions
      • Are VPNs Illegal?
      • Tor vs VPN?
      • What is a VPN Kill Switch?
      • What is Split Tunneling?
      • Zero Log VPN?
      • Free VPN vs Paid VPN?
      • Lightway vs WireGuard vs OpenVPN
      • Increase Internet Speed on VPN?
      • How to Watch Netflix in China?
    • 10 Important VPN Features
    • 5 Best VPNs for Routers
    • Common VPN Myths
    • Common VPN Scams
    • VPN Connection Protocols Guide
  • Password Security
    • Password Manager Setup Guide
    • Best Password Managers 2023
      • 1Password Review
      • Dashlane Review
      • NordPass Review
      • Best iOS Password Manager
    • Frequently Asked Questions
      • How Do Password Managers Work?
      • Are Password Managers Safe?
      • Are Chrome Passwords Secure?
    • Double Blind Password Strategy
    • Using Google Authenticator
  • Email Security
    • Secure Email Providers in 2023
    • ProtonMail Review
    • Email Phishing Scams
    • Best Gmail Alternatives
  • Resources
    • Help! I’ve Been Hacked!
    • Password Strength Checker
    • Security Checklist PDF
    • Digital Death Checklist
  • About
    • Contact
    • Advertise

How to Secure Your Gmail Account from Hackers in 2023

January 20, 2023 By Josh

If you’re reading this, you are one of the millions of people who uses Gmail to send and receive their email. Welcome to the (big) club! Unfortunately, you’re also one of those people who stores a lot of very sensitive information in your account and doesn’t really know how to secure Gmail account from hackers. Here are 5 important steps you need to take.

Be sure to subscribe to the All Things Secured YouTube channel!

Feel free to watch through the entire video embedded above, or you can skim through each of the steps below.

Each of these steps should take you no more than 10 minutes to set up, if not less, but they can mean the difference between having your Gmail account hacked or keeping it safe and secure.

Let’s dive in!

Step 1: Create a Stronger Gmail Password

I hate that I even have to share this as a step, but if you don’t have a strong password – or if you’re not sure you have a strong password – you need to change it right now.

A strong password is a random combination of characters – the longer the better – that is unique, meaning that you only use that password for Gmail and not a single other online login.

To change your Gmail password, go to myaccount.google.com/security and click on “Password” under “Signing into Google”.

Change Gmail password

If you need help with passwords, I recommend setting up a good password manager that will not only create these strong passwords, it will also securely store it for you in an encrypted vault.

Step 2: Check Your “Trusted Devices” in Gmail

Now that you’re in the security settings of your Gmail account, you may have noticed a few warnings under the Security Checkup box. Even if Google gives you a pat on the back with a message reading “Your account is protected”, I still recommend you jump over to the security checkup page.

It’s really important to know what you can do with this tool Google provides, both from a monitoring and threat avoidance standpoint.

For example, I can check all of the devices that are “trusted” to open my Gmail account and make sure there aren’t any unknown devices that I can tell Google I don’t recognize.

Trusted devices in a Google account security settings page

Or better yet, let’s say your phone was stolen, this allows you quickly jump in and tell Google to sign that device out so that the thief won’t have access to my email.

Sign out a device in your Gmail security settings

It’s a good idea to come back a couple times a year just to double check and make sure that you know all of the trusted devices on your account.

Step 3: Use a 2 Factor Authentication Key to Lock Gmail

In my opinion, probably the most important change you can make to secure your Gmail account is to turn on 2 factor authentication. Personally, I have multiple keys that I use to secure my Gmail account, including:

  • My primary 2FA key
  • My backup 2FA key
  • My wife’s primary 2FA key (so that she can get in if she needs to)

If you’re not using 2FA, even if you have the strongest password in the world, your account security is at high risk.

Gmail security does not exist with 2-Factor Authentication.

There are many ways that you can activate 2FA, including SMS text, authenticator apps and even backup codes. Thankfully, the most secure way to do this is also one of the easiest to setup.

The 2FA key.

Setting up a 2FA Key for Gmail

There are plenty of 2FA keys you can find on Amazon, but when it comes to this kind of security, I’m very picky about who I trust. If you don’t already have a 2FA key, I recommend Yubikey.

Get $5 off a Yubikey Purchase

Use code ALLTHINGSSECURED

Buy the best 2FA Key

Time needed: 6 minutes

I’ve already done a full tutorial on how to setup a new 2FA key for other accounts, but for your Gmail account it’s pretty straightforward.

  1. Open Your Gmail Security Settings

    Log into your Gmail account, go to myaccount.google.com/security, scroll down and find 2-Step Verification, which is the name that Google gives for 2-factor authentication. Make sure that this is set to “On”.
    Gmail 2 Step Verification Settings Page

  2. Click “Add Security Key”

    Once you’ve turned on 2-Step Verification, Google will give you a number of options, including an authenticator app, SMS text, and a Google Prompt. You want to choose “Security Key” and then click on “Add Security Key” as you see here.Click 'Add security key'

  3. Plug in the Yubikey 2FA Key

    Choose the “USB or Bluetooth” option on the screen. You will be asked to plug in your Yubikey 2FA key into your computer and then press the button to activate.Plug the 2FA key into your computer

  4. Register and Name the Security Key

    Make sure you name the 2FA key so that you remember which one it is. This description will allow you to easily remove any key that gets lost or stolen.Activate and name the 2FA key

Important side note: anytime you use 2FA, you NEED to make sure you have a backup plan. This could be a second key, backup codes that you store securely or something else. The last thing you want to do is lock yourself out of your Gmail account!

Step 4: Review 3rd Party Access to Your Account

If you want to secure Gmail account from hackers, an important step in your Security Checkup after 2FA is to review 3rd party access. Over the years, we allow certain apps or websites to have access to our account and we often forget to remove them when we’re done using that particular service.

For example, you can see here that at some point I allowed Word Cloud for Documents to have access to my account. Since I don’t use that service anymore, I’ll go ahead and remove access.

Remove access to unused third party apps in order to secure gmail account from hackers

You should do the same to any apps or sites that you don’t recognize. And don’t worry, if you make a mistake, they can always ask for new access that you can give them again.

Step 5: Enroll in Google’s Advanced Protection Program

Now for those of you who want an extra measure of security, you can enroll in what Google calls its Advanced Protection Program.

Secure your Gmail account from hackers with Advanced Protection Program

It’s free to sign up, and although it was designed with activists and journalists in mind, it’s open to anybody.

Essentially, the Advanced Protection Program does a couple key things:

  • It forces you to use 2 factor authentication (which I’ve already said is the one thing you need to be doing anyway)
  • The Advanced Protection Program performs stringent checks on file downloads, app installs, malware, etc.

Honestly, I can’t think of a good reason not to enroll in this free program unless you just refuse to buy a required 2FA key.

But, since I know you care about how to secure Gmail account from hackers, a 2FA key is a no-brainer investment. Make sure you grab your own set of Yubikey 2FA keys so that you can lock down your Gmail account.

Further Reading & Resources

  • Best alternatives to Gmail email service
    Best Alternatives to Gmail for Secure Email in 2023
  • Stop using Google Authenticator app
    Stop Using Google Authenticator App! (it's not a secure 2FA in 2023)

Download the Security Checklist!

A Free Resource from All Things Secured

    Primary Sidebar

    Download the free online security checklist!
    Check your password with this password checker by All Things Secured

    Best Personal Privacy Tools

    Use DeleteMe to Remove Your data onlineDeleteMe (remove personal data online)
    Use Traveling Mailbox to keep your address privateTraveling Mailbox (private virtual address)
    Hushed private second phone numberHushed (private 2nd phone line)

    Recommended Password Managers

    1Password Logo Mark1Password (Best Overall)
    Dashlane Logo MarkDashlane (Best for Businesses)
    Bitwarden Logo MarkBitwarden (Best Free Option)

    Best Secure Email Providers

    ProtonMail Logo MarkProtonMail (Best Gmail Alternative)
    StartMail Logo MarkStartmail (from StartPage)
    Mailfence Encrypted EmailMailfence

    Recommended VPNs

    ProtonVPN Logo MarkProtonVPN (Best Overall)
    NordVPN Logo MarkNordVPN (best for streaming)
    iVPN Logo MarkiVPN

    Best Identity Theft Protection

    Identity Guard Logo MarkIdentity Guard (Personally Recommended)

    © 2022 All Things Secured
 · Affiliate Disclaimer 
· Privacy Policy
 · Advertise
 · Contact