DON'T USE GMAIL unless you make these 5 Critical Security Changes

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
Your Gmail account contains some of the most  sensitive personal information about you and is   hands down the most vulnerable link in your online  security profile. More than likely, some document   you’ve sent or received contains your full name,  your address, and even your social security   number. It doesn’t matter how empty your bank  account is, this information can easily be used   to maliciously steal your identity, destroy your  credit and lock you out of your online accounts.  In other words, the five simple steps for  securing your Gmail account, I’m about to share   with you - steps that will only take a few minutes  to implement - aren’t just something to consider   “someday”. It’s critical to do this RIGHT NOW. Welcome to All Things Secured, my name is Josh   and as somebody who has personally had their  Gmail account hacked in the past, I can tell you   from experience how annoying and time-consuming  it is to recover from this kind of attack. You   don’t want to have to go through that, trust me. By the way, this video is sponsored by Yubico,   a company I’m really proud to represent,  and there’s a very good reason for that   which I’ll explain in a moment. For now,  let’s jump right into your Gmail settings.  I hate that I even have to share this as a  step, but if you don’t have a strong password,   please, please change it right now. A strong  password is a random combination of characters,   the longer the better, that is unique, meaning  that you only use that password for Gmail and   not a single other online login. To change your Gmail password,   go to myaccount.google.com/security and click  on “Password” under “Signing into Google”.   Make sure you create a better password that  you won’t forget and isn’t used anywhere else.  Now that you’re in the security settings of your  Gmail account, you may have noticed a few warnings   under the Security Checkup box. Even if Google  gives you a pat on the back with a message reading   “Your account is protected”, I still recommend  you jump over to the security checkup page.   I’ll have a link in the description or you can  just type in what you see here on the screen.  It’s really important to know what you can do  with this tool Google provides, both from a   monitoring and threat avoidance standpoint. For  example, I can check all of the devices that are listed as “trusted” to open my Gmail account and make sure  there aren’t any unknown devices that I can tell   Google I don’t recognize. Or better yet, let’s  say my phone was stolen, this allows me to quickly   jump in and tell Google to sign that device out  so that the thief won’t have access to my email even if they're able to get into that device. In my opinion, probably the most important  change you can make to secure your Gmail   account is to turn on 2 factor authentication.  As you can see here, I have multiple security   keys as well as the Gmail prompt setup as my  2 factor authentication, or 2FA for short.  Now let me stop and say this. If you take away  only one thing from this video I want it to be   this: Gmail security does not exist without 2FA.  In other words, if you’re not using 2FA, even if   you have the strongest password in the world, your  account security is at high risk. I’m not trying   to scare you, I’m just telling you the truth. There are many ways that you can activate 2FA,   including SMS text, authenticator apps  and even backup codes. Thankfully,   the most secure way to do this is also one of  the easiest to setup. And that’s where Yubikey,   the sponsor for this video comes in. If you’ve followed me here for any amount   of time, you know that I don’t take on many  sponsors on this channel. And the truth is,   they didn’t reach out to me, I reached out to  them, basically saying “I use your 2FA keys,   I love them. Let’s work together!”. You see, I own a few of their 2FA keys,   including one that I keep on my keychain, which  works for my computer and Apple phone, the backup   that I keep in an undisclosed location, and the  new Bio which uses fingerprint authentication.  There are plenty of 2FA  keys you can find on Amazon,   but when it comes to this kind of security, I’m  very picky about who I trust. You can use the   Yubikey Security Key to secure not only your Gmail  account, but also any other account that supports   the FIDO protocol, and there are plenty of them. If you don’t have your own 2FA key yet or perhaps   you don’t have a backup, Yubico is offering a  special discount on their affordable Security Key   series so that you can buy a couple of your own.  You’ll find links in the description. Personally,   I bought four, a primary and backup key for myself  as well as the same for my wife. I promise you,   this is an investment in your security that you  can’t afford NOT to make. I know that’s a double   negative. In other words, you need to do this. The process of setting up a 2FA key on your Gmail   account it’s pretty straightforward.  Log into your Gmail account,   go to myaccount.google.com/security,  scroll down and find 2-Step Verification,   turn it on if you haven’t already, then click  “Add security key”. Of course, you’ll already   need to have purchased your key, but once you have  your Yubikey device in hand, you’ll click on USB   and then register the key by plugging it into your  computer or device. Name it whatever you want and   then you’re done! You can remove the keys at any  time, which is useful if you somehow lose the key.  Now any time you log into your email on  a new device, you’ll need to plug in this   key to verify that this is, in fact, your  account. But that’s exactly what you want.  Important side note here: whenever you use  any kind of 2FA, you NEED to make sure you   have a backup plan. This could be a second  key, backup codes that you store securely or   something else. The last thing you want, though,  is lock yourself out of your Gmail account!  An important step in your Security Checkup after  2FA is to review 3rd party access. Over the years,   we allow certain apps or websites to have access  to our account and we often forget to remove them   when we’re done using that particular service. For example, you can see here that at some point   I allowed Word Cloud for Documents  to have access to my account.   Since I don’t use that service anymore,  I’ll go ahead and remove access.  You should do the same to any apps or sites  that you don’t recognize. And don’t worry,   if you make a mistake, they can always ask  for new access that you can give them again.  Now for those of you who want an extra measure  of security - and don’t worry, I’m not judging   you because I do this - you can enroll in what  Google calls its Advanced Protection Program.  It’s free to sign up, and although  it was designed with activists and   journalists in mind, it’s open to anybody. Essentially, the Advanced Protection Program   forces you to use a 2FA key, which I’ve already  said is the one thing you need to be doing anyway.   In addition to 2FA, a Gmail account  enrolled in this program performs   stringent checks on file downloads,  app installs, malware, etc.  Honestly, I can’t think of a good reason  not to enroll in this free program unless   you just refuse to buy a required 2FA key. But, since I know you care about locking   down your Gmail account, a 2FA key is  a no-brainer investment. Make sure you   grab your own set of Yubikey 2FA keys using  the special discount link below this video   and share this with other family and friends who  you know need to enhance their own Gmail security.  Oh yea, and if you want help setting up your  Yubikey on other accounts besides just Gmail,   make sure you watch this  tutorial next. Click right here.
Info
Channel: All Things Secured
Views: 834,459
Rating: undefined out of 5
Keywords: gmail security, secure email gmail, google account, secure email, how to secure gmail account, how to secure gmail account from hackers, how to add 2fa to gmail, secure google account, gmail 2fa, google 2fa, email security, gmail security settings, gmail security 2 step verification, gmail security checkup, google security key, yubikey setup, gmail yubikey setup, advanced protection program, email privacy and security
Id: TjLd900i3vc
Channel Id: undefined
Length: 7min 23sec (443 seconds)
Published: Thu Jan 20 2022
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.