Official Gmail Blog
News, tips and tricks from Google's Gmail team and friends.
Gmail account security tips
October 27, 2009
Posted by Sarah Price, Online Operations Strategist
As part of
National Cyber Security Awareness Month
, we recently posted about
how to pick a smart password
. Having a strong password goes a long way in helping to protect your data, but there are a number of additional steps you can take to help you keep your Gmail account secure:
1. Remember to sign out.
Especially when using a public computer, be careful to
sign out of your Google account
when you're finished. Just click the "Sign out" link at the top right corner of your inbox. If you're using a public or shared computer and want to be extra thorough, you can also
clear the browser's cache, cookies and history
. Then, completely close the browser. On your personal computer, you can also lock your computer with a password-protected screensaver if you need to step away momentarily. Learn the best ways to lock your screen in
Windows
or in
Mac OS X
. Forgot to sign out? Open up a new Gmail session on another computer and use Gmail's
remote sign out feature
to close any sessions that might still be open elsewhere.
2. Be careful about sending certain sensitive information via email.
Once you send an email, you're no longer in control of the information it contains. The recipients, if they so choose, could forward the email or post its contents in a public place. Even if you know and trust the people you're emailing, that information may become exposed if their accounts become compromised or they get a virus on their machines. As a rule of thumb, should you need to provide a credit card number or financial account number to respond to a message, provide it over the phone or in person — not over email. And never share your password with anyone. Google does not email you to ask you for your password, your social security number, or other personal information — so don't send it!
3. Enable "Always use HTTPS."
Any time you visit a webpage, your computer needs to send and receive information across the Internet. HTTPS is used to encrypt data as it is transmitted between computers on the Internet, so look for the "https" in the URL bar of your browser to indicate that the connection between your computer and Gmail's servers is encrypted. We use HTTPS on the Gmail login page, and you can
choose to protect your entire Gmail session with HTTPS
as well. HTTPS can make your mail slower, so we let you make the choice for yourself. Open
Settings
and choose "
Always use HTTPS
" on the General tab if you want to turn it on.
4. Be wary of unexpected attachments.
To help protect you from viruses and malware,
Gmail automatically scans every attachment
when it's delivered to you, and again each time you open a message. Attachments you send are also scanned. That said, no system is foolproof, so if you happen to get an email from a friend with an attachment you didn't expect, don't be afraid to ask the sender what it is before you decide whether to open it.
5. Make sure your account recovery information is up-to-date.
Your
account recovery information
helps you regain access to your account if you ever forget your password, or if someone gains access to your account without your permission. We currently offer several paths to account recovery. Every Gmail user must select a
security question and answer
— be sure to choose a combination that is easy for you to remember, but hard for others to guess or come across by investigating. Don't choose a question like "What is my favorite color?" as others may easily guess the answer. We also encourage you to provide a secondary email address and/or a
mobile phone number
, so we can send you a link to reset your password if you lose access to your account.
You can find additional security tips for Gmail in our
Help Center
. Learn more about protecting your computer, website, and personal information by checking out our
security series on the Google blog
or visiting
http://www.staysafeonline.org
.
What's new with Gmail on iPhone and Android
October 26, 2009
Posted by Heaven Kim, Product Marketing Manager, Google Mobile
Back in April, we
released
a new version of Gmail for mobile, re-designed to be faster, more usable, and offer basic offline support on iPhone and Android devices. The improvements we made to its underlying architecture have made it possible for us to rapidly release new features and further improve performance since then.
Over the last six months, we've added a lot:
mute
,
label management
,
keyboard shortcuts
,
smart links
, an
outbox
, and the ability to
move
messages (label and archive in one step). Some new features, like
swipe-to-archive
and
auto-expanding compose boxes
, take advantage of these mobile phones' unique properties. We also made
address auto-complete faster
,
enhanced refresh
capabilities, and sped up loading so Gmail for mobile starts in under three seconds on newer smartphones.
We'll continue to add more functionality —and there's no need to download or update anything as long as you have iPhone/iPod touch OS 2.2.1 or above or are using an Android-powered device. Just go to
gmail.com
from your mobile browser as you do on your PC. To make it easy to access your Gmail account, try creating a
home screen link
.
New in Labs: Google Docs previews
October 15, 2009
Posted by Steven Saviano, Software Engineer
Being an avid
Google Docs
user, I receive a ton of emails with links to documents that my co-workers and friends share with me. From technical design documents at work to my roommate's expenses spreadsheet, my inbox is full of document links that I need to view as I reply to my mail.
Opening these links in another tab or window is kind of annoying, plus it can be tough to keep the context of the email in mind while viewing the document.
Starting today, you can preview the contents of a Google document, spreadsheet, or presentation right in your Gmail inbox — just like you've already been able to do with
YouTube videos, Yelp reviews, and Picasa and Flickr albums
. Gmail will automatically detect when you receive a document link and display the name and type of doc below the email.
Just click "Show preview" and the contents of the document will display right there — no need to switch back and forth between email response and document.
To enable Google Docs previews, go to the
Labs tab
under Settings.
Let us know what you think
and what else you'd like to see while viewing docs in Gmail.
New in Labs: Got the wrong Bob?
October 13, 2009
Posted by Ari Leichtberg, Software Engineer and Yossi Matias, Head of Israel Engineering Center
When's the last time you got an email from a stranger asking, "Are you sure you meant to send this to
me
?" and promptly realized that you didn't? Sometimes these little mistakes are actually quite painful. Hate mail about your boss to your boss? Personal info to some random guy named Bob instead of Bob the HR rep? Doh!
"Got the wrong Bob?" is a new Labs feature aimed at sparing you this kind of embarrassment. Turn it on from the
Labs tab
under Gmail Settings, and based on the groups of people you email most often, Gmail will try to identify when you've accidentally included the wrong person — before it's too late.
If you normally email Bob Smith together with Tim and Angela, but this time you added Bob Jones instead, we'll warn you that it might be a mistake. Note that this only works if you're emailing more than two people at once.
While we were at it, we also changed the name of "
Suggest more recipients
" to "Don't forget Bob" — the two related Labs features just kind of went together better this way.
If you want to test "Got the wrong Bob?" out, try faking a mistake like this:
1) Think of three people you often email together.
2) Compose a message to two of them.
3) Start typing the third member of the group (for help you can use one of the people we suggest in "Don't forget Bob"), but then
auto-complete
on the wrong name.
If you have suggestions
please let us know
. And if "Got the wrong Bob?" happens to save you from making a really bad mistake, we want to hear about that too.
Getting Gmail on your phone
October 12, 2009
Posted by Shyam Seth, Product Manager, Google Mobile
Checking Gmail on your phone isn't reserved for those of us with extra fancy mobile devices — sure, it's easier to use Gmail when your iPhone has a
touchscreen
or there's a
downloadable app built especially for your BlackBerry
, but Gmail is available on almost all mobile devices today. If your phone has a data plan, it can get Gmail. There are two main ways to check your messages on the go:
(1) Go to gmail.com in your mobile browser
The easiest way to check Gmail from your phone is to go to gmail.com in your device's mobile browser. That opens a version of Gmail built especially for small screens, where you can see messages grouped into conversations, search through your mail, or flag important messages with stars. On some devices (iPhone and Android), Gmail offers some additional features like the ability to add and remove labels and basic offline support.
Text the link to your phone
to get started.
(2) Use your phone's built in email application
Many mobile devices come with native mail applications pre-installed. Setting up Gmail to work with them is usually pretty straight-forward and there is often a wizard to help. If you have an iPhone or Windows Mobile device, you can get
push Gmail using Google Sync
. Otherwise, you can set things up using IMAP with these
step-by-step directions for specific devices
. Depending on your particular phone, you may notice features such as search, conversations, and stars missing. On the plus side, these applications tend to start up quickly and work even when you're not connected to the internet.
For more information, check out this new
beginner's guide
.
Choosing a smart password
October 6, 2009
Posted by Michael Santerre, Consumer Operations Associate
As part of
National Cyber Security Awareness Month
, we'd like to take this opportunity to remind you about smart password practices. Help ensure you're protecting your computer, website, and personal information by checking out our
security series on the Google blog
or visiting
http://www.staysafeonline.org
.
Phishing, a topic that's been in the news, is unfortunately a common way for hackers to trick you into sharing personal information like your account password. If you suspect you've been a victim of a phishing attack, we recommend you immediately change your password, update the security question and secondary address on your account, and make sure you're using a modern browser with anti-phishing protection turned on. Keep an eye out for the
phishing warning
Gmail adds to suspicious messages, and be sure to review these tips on
how to avoid getting hooked
.
Creating a new password is often one of the first recommendations you hear when trouble occurs. Even a great password can't keep you from being scammed, but setting one that's memorable for you and that's hard for others to guess is a smart security practice since weak passwords can be easily guessed. Below are a few common problems we've seen in the past and suggestions for making your passwords stronger.
Problem 1: Re-using passwords across websites
With a constantly growing list of services that require a password (email, online banking, social networking, and shopping websites — just to name a few), it's no wonder that many people simply use the same password across a variety of accounts. This is risky: if someone figures out your password for one service, that person could potentially gain access to your private email, address information, and even your money.
Solution 1: Use unique passwords
It's a good idea to use unique passwords for your accounts, expecially important accounts like email and online banking. When you create a password for a site, you might think of a phrase you associate with the site and use an abbreviation or variation of that phrase as your password — just don't use the actual words of the site. If it's a long phrase, you can take the first letter of each word. To make this word or phrase more secure, try making some letters uppercase, and swap out some letters with numbers or symbols. As an example, the phrase for your banking website could be "How much money do I have?" and the password could be "#m$d1H4ve?" (Note: since we're using them here, please don't adopt any of the example passwords in this post for yourself.)
Problem 2: Using common passwords or words found in the dictionary
Common passwords include simple words or phrases like "password" or "letmein," keyboard patterns such as "qwerty" or "qazwsx," or sequential patterns such as "abcd1234." Using a simple password or any word you can find in the dictionary makes it easier for a would-be hijacker to gain access to your personal information.
Solution 2: Use a password with a mix of letters, numbers, and symbols
There are only 26^8 possible permutations for an 8-character password that uses just lowercase letters, while there are 94^8 possible permutations for an 8-character password that uses a combination of mixed-case letters, numbers, and symbols. That's over 6 quadrillion more possible variations for a mixed password, which makes it that much harder for anyone to guess or crack.
Problem 3: Using passwords based on personal data
We all share information about ourselves with our friends and coworkers. The names of your spouse, children, or pets aren't usually all that secret, so it doesn't make sense to use them as your passwords. You should also stay away from birth dates, phone numbers, or addresses.
Solution 3: Create a password that's hard for others to guess
Choose a combination of letters, numbers, or symbols to create a unique password that's unrelated to your personal information. Or, select a random word or phrase, and insert letters and numbers into the beginning, middle, and end to make it extra difficult to guess (such as "sPo0kyh@ll0w3En").
Problem 4: Writing down your password and storing it in an unsecured place
Some of us have enough online accounts that we may need to write our passwords down somewhere, at least until we've learned them well.
Solution 4: Keep your password reminders in a secret place that isn't easily visible
Don't leave notes with your passwords to various sites on your computer or desk. People who walk by can easily steal this information and use it to compromise your account. Also, if you decide to save your passwords in a file on your computer, create a unique name for the file so people don't know what's inside. Avoid naming the file "my passwords" or something else obvious.
Problem 5: Recalling your password
When choosing smart passwords like these, it can often be more difficult to remember your password when you try to sign in to a site you haven't visited in a while. To get around this problem, many websites will offer you the option to either send a password-reset link to your email address or answer a security question.
Solution 5: Make sure your password recovery options are up-to-date and secure
You should always make sure you have an up-to-date email address on file for each account you have, so that if you need to send a password reset email it goes to the right place.
Many websites will ask you to choose a question to verify your identity if you ever forget your password. If you're able to create your own question, try to come up with a question that has an answer only you would know. The answer shouldn't be something that someone can guess by scanning information you've posted online in social networking profiles, blogs, and other places.
If you're asked to choose a question from a list of options, such as the city where you were born, you should be aware that these questions are likely to be less secure. Try to find a way to make your answer unique — you can do this by using some of the tips above, or by creating a convention where you always add a symbol after the 2nd character in the answer (e.g. in@dianapolis) — so that even if someone guesses the answer, they won't know how to enter it properly.
Labels
buzz
calendar
Gmail Blog
Google Apps Blog
Google Calendar
googlenew
Inbox
Inbox by Gmail
labs
mobile
Offline
reader
tasks
tip
Archive
2016
Sep
Aug
Apr
Mar
Feb
Jan
2015
Dec
Nov
Oct
Sep
Jul
Jun
May
Apr
Mar
Feb
Jan
2014
Dec
Nov
Oct
Aug
Jul
Apr
Mar
Feb
Jan
2013
Dec
Nov
Oct
Sep
Jul
Jun
May
Apr
Mar
2012
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2011
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2010
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2009
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2008
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2007
Dec
Nov
Oct
Sep
Aug
Jul
Feed
Google
on
Follow @gmail
Follow
Give us feedback in our
Product Forum
.
Get posts via email
Email:
Powered by
Google Groups
Useful Links
About Gmail
Gmail for Mobile
Gmail for Work