When you want to change your Gmail account password, you need to change your Google account password. All Google apps and services are linked to a single account that you can access using your Google Account ID and password. Of course, while you’re talking about this ID as your Gmail ID, it is necessarily your Google Account ID.
This is why you will have to sign up for a Google account instead of Gmail to change your password. But there are some things to keep in mind before even changing the Gmail / Google password. After all, you don’t want your account hacked or compromised, do you?
We’ll discuss some key factors that affect the security of your account and what you can do to protect its integrity.
Why change the Google password
If you forgot your password, you need to recover your Google account password and change it. Another reason could be a security breach. Think your account was compromised or someone was standing over your shoulder when you accessed Gmail? Maybe you were using a public Wi-Fi network or a computer?
We use a Google account not only to access all Google apps and services such as Gmail and Drive, but also third party sites and so on. Most apps have an option to sign in using Google. While quick and easy, it also poses a security threat.
Good practices to keep in mind
A lot of users still create and use stupidly simple passwords like 123456. It’s as good as not having a password. Others opt for a combination of birthdays, phone numbers, etc. Your password must be random in nature. Not connected to you in any form or form.
I like passwords, random strings of alphanumeric text, generated by password managers. Although they are difficult to remember, they are also more secure and less hackable. But then you will have to depend on a password manager, and that’s not a bad thing. You will need to remember only one password. Make sure he’s really strong.
Here’s a short list to get you started:
- Case sensitive (both cases)
- Unbound or random string
- 2FA or multi-factor authentication
- Store offline (securely) or use password manager
- Use a VPN when you are on a public / unsecured network
- Use a Google One account for more security and quick support
How to frequently change passwords
There was a time when security experts around the world recommended changing passwords every few months. My bank asks me to change mine every 90 days. Not anymore.
The National Institute of Standards and Technology (NIST), in its guidance to the government, has asked organizations to increase the time between forced password changes. This is because these passwords are often forced to be complicated (alphanumeric, case sensitive), and you cannot use a password that you already used the last time or before that.
This leads employees / users to resort to more memorable passwords and reuse the same password with a few variations. Other users end up writing the passwords in unsafe places, further increasing the security risks. I agree. You should change your password, but only when you feel or know it has been compromised. If you follow security best practices and use a strong password, you don’t have to change it frequently.
How to check if it is compromised
But how do you know you’ve been compromised? There are several ways.
The first is current affairs. Most hacks are reported and covered extensively by the media, so keep an eye out. Google has released a browser extension that will check your password against a database to make sure yours isn’t hacked or compromised.
Google also announced the critical alert feature, where you will be notified via a notification as soon as Google believes your account has been compromised. The notification is difficult to spoof, Google says, because it will appear as an in-app notification when using any Google app. It could be Search, Gmail, or Drive, for example.
There is also a reliable site called Have I Been Pwned, where you can enter your email id and password to verify against a publicly accessible database of hacked accounts.
Finally, you can apply a little common sense. Have you noticed any suspicious activity? Emails you never sent or files you didn’t download? User login email from location / computer / IP address you don’t recognize? These are all signs that you have been hacked and need to change your Google Account password immediately.
Using 2FA for increased security
Google allows you to connect using 2FA and 2SV. I recommend that you implement them as soon as possible if you haven’t already. This will add an extra layer of security so that even if your Google Account password is compromised, the hacker will not be able to log in. This is because he has to enter another password. A 6-digit code via an authenticator app or verify using your phone via 2SV.
Using Password Manager for Ease
The main reason people use a simpler (and hackable) password is that it’s easy to remember and type. A password manager can solve this problem easily. Most password managers will also generate a strong and random password for you based on the criteria you set. Now you need to set a unique password for the password manager and don’t forget to add 2FA to it. Your whole world will be turned upside down if the password manager app is hacked.
How to change the password
The process is pretty straightforward.
Step 1: Open the My Google Account page. Under the Security tab, you will find the heading “Sign in to Google”. This is where you can change the password and activate / deactivate 2SV. Click on Password.
2nd step: You will need to re-enter your Google account password to verify that it is you who is trying to access these critical settings.
Step 3: You can now enter a new password (twice) and click Change Password to save it.
Spread the word
Google already takes a lot of precautions to protect and secure your account, but it’s also your responsibility to act seriously. The age-old adage of “precaution is better than cure” is true here. Learning how to control damage is great, but why even go for it. Stop hackers in their tracks by following security best practices first. And it all starts with using a strong password, activating 2FA, using secure networks and devices to access Google services, and using a password manager.
Google has always delayed its end-to-end encryption tool. Click on the following article to learn how SecureGmail can help you secure your conversations on Gmail.
Last updated on Oct 28, 2020
The above article may contain affiliate links that help support Guiding Tech. However, this does not affect our editorial integrity. The content remains impartial and authentic.