It takes two to tango, and the same is true for an effective online security strategy. What does that mean? On the one side, the company offering a service needs to make sure that user accounts are protected on its servers, so that no one can exploit vulnerabilities to gain login information or other data from users of the service. On the other side are the user and the local computer the service is accessed from. The user has responsibilities too, such as making sure the computer is running up-to-date software.

Google recently created the Gmail Security Checklist to help users tighten the security of their Gmail accounts.

The checklist lists a total of 18 different items that are divided into five groups.

  • Your computer:
      • Check for viruses and malware.
      • Make sure your operating system is up to date.
      • Make sure to perform regular software updates.
  • Your browser:
      • Check your browser for plug-ins, extensions, and third-party programs/tools that require access to your Google Account credentials.
      • Make sure your browser is up to date.
  • Your Google Account:
      • Change your password.
      • Check the list of websites that are authorized to access your Google Account data.
      • Update your account recovery options.
  • Your Gmail settings:
      • Confirm the accuracy of your mail settings to ensure that your mail stays and goes where you want it to.
      • Check for any strange recent activity on your account.
      • Use a secure connection to sign in.
  • Final reminders:
      • Watch out for messages that ask for your username and/or password. Gmail will never ask for this information.
      • Never give out your password after following a link sent to you in a message, even if it looks like Gmail’s sign-in page. Access Gmail directly by typing https://mail.google.com in your browser’s address bar.
      • Don’t share your password with other websites – Google can’t guarantee the security of other websites and your Gmail password could be compromised.
      • Keep secrets! Never tell anyone your password, or your secret question and answer; if you do tell someone, change it as soon as possible.
      • Clear forms, passwords, cache and cookies in your browser on a regular basis – especially on a public computer.
      • Only select ‘Stay signed in’ if you’re signing in from a personal computer.
      • Always sign out when you’ve finished reading your mail.

Those short reminders alone won’t help a lot of users protect their account login and data. Each item has a “read more” button next to it that provides further explanations and links to related services, software and information. The “check for viruses and malware” item, for instance, links to a page that lists antivirus software to perform those checks.

It will take more than a minute to go through all the items, but it can be well worth it. Experienced users may be able to complete it just by looking at the titles of each suggestion, while inexperienced users may need to click on the “read more” link for additional instructions and links.

Gmail Checklist in 30 seconds or less:

Make sure your operating system, software and web browsers are up to date. Also make sure you run up-to-date antivirus software.

Check Google account and Gmail settings to make sure that only authorized websites and services are able to access them.

Update your account recovery options and regularly check for recent account activities.

Finally, make sure you always use a secure connection to sign in, and make sure to log out whenever you are finished using the service.

Keeping those basic rules in mind goes a long way toward keeping any account on the Internet secure.

Check out the Gmail Checklist at Google.
