At Google, we take online security seriously. To protect your Google Account, we strongly recommend following the steps below regularly.
Note: If you’re a journalist, activist, or someone else at risk of targeted online attacks, learn about the Advanced Protection Program.
Go to Security Checkup to get personalized security recommendations for your Google Account, including:
Add or update account recovery options
- Block someone from using your account without your permission
- Alert you if there’s suspicious activity on your account
- Recover your account if you’re ever locked out
2-Step Verification helps prevent a hacker from getting in to your account, even if they steal your password. To avoid common phishing techniques associated with text message codes, choose a stronger second verification step:
Increased security: Advanced Protection
If you’re a journalist, activist, or someone else at risk of targeted online attacks, consider enrolling in the Advanced Protection Program for a higher level of security. Advanced Protection uses security keys to protect against phishing and includes other protections like blocking unsecure apps.
Turn on screen locks
Screen locks help protect your devices from being used without your permission. Learn how to set screen locks on an Android device.
Note: For info on adding a screen lock on other devices and computers, visit the manufacturer’s support site.
If your browser, operating system, or apps are out-of-date, the software might not be safe from hackers. Keep your software updated to help protect your account.
Update your browser
Make sure you’re using the latest version of your browser.
Learn how to update Google Chrome.
Note: For info on updating other browsers, visit the developer’s support site.
Make sure you’re using the latest version of the operating system on your device or computer.
Update Android devices
Learn how to check and update your Android version.
Learn how to update your Chromebook’s operating system.
Note: For info on updating other devices and computers, visit the manufacturer’s support site.
Make sure you’re using the latest version of the apps on your phone or computer.
Update Android apps
Consider turning on automatic app updates for your Android devices to help make sure you’re always using the latest version.
Note: For info on updating apps on other devices and computers, visit the manufacturer’s support site.
Turn on Google Play Protect
Google Play Protect helps keep Android devices safe from harmful apps. Learn how to turn on Google Play Protect.
Step 3: Use unique, strong passwords
It’s risky to use the same password on multiple sites. If your password for one site is hacked, it could be used to get in to your accounts for multiple sites.
Make sure to create a strong, unique password for each account.
Manage your passwords
A password manager can help you generate and manage strong, unique passwords. Consider using one from Chrome or another trusted password manager provider.
Tip: To find out if any passwords saved in your Google Account may be exposed, are weak, or are reused for multiple accounts, you can use Password Checkup.
Help protect your password from hackers
As more apps are installed on a device, it can become more vulnerable. Install only essential apps and browser extensions on devices that have access to sensitive information. Avoid installing unknown apps or apps from unknown sources to protect your device and personal info.
Learn how to:
Note: For info on removing apps and extensions from other devices and browsers, visit the applicable support site.
Step 5: Protect against suspicious messages & content
Hackers can use emails, text messages, phone calls, and web pages to pretend to be institutions, family members, or colleagues.
Avoid suspicious requests
- Never give out your passwords. Google will never ask for your password in an email, message, or phone call.
- Don’t reply to suspicious emails, texts, instant messages, webpages, or phone calls that ask for your personal or financial info.
- Don’t click links in emails, messages, webpages, or pop-ups from untrustworthy websites or senders.
Avoid suspicious emails
Gmail is designed to help protect your account by automatically identifying suspicious emails. You can also use these tips to help you identify suspicious emails and settings:
- Check if a Gmail message might be fake.
- See if the email address and the sender name match.
- If you get a suspicious email in Gmail, report spam or phishing to help us stop similar emails in the future.
- Check your Gmail settings to make sure there’s no unfamiliar activity.
Tip: If you're using Gmail on your computer, point to a link without clicking on it. At the bottom left, look at the web address and make sure it's what you expect.
Avoid suspicious web pages
If you notice suspicious activity on your account
Follow the steps to help secure your account.