Hi guys. Every day I hear that many email accounts are hacked because of poor password combinations, weak security/privacy settings, or a lack of awareness of the various techniques used by hackers. If you are curious about how Facebook account hacking can be done, read my previous article. All our accounts, such as social networking sites, online recharge sites and payment sites, are connected to our email, so if your email account is hacked, the hacker can take over all your other accounts by clicking the forgot-password button. So today we want to show you some essential technical and non-technical tips that will further strengthen your account security against any possible threat and scheme.
Follow the tips given below:
[#] Use A Unique & Strong Password (Hard to Crack) :
Many accounts can be hacked by guessing the password, because many users use their phone number, nickname, girlfriend's name, or words like "I Love You". So first of all, use a strong and unique password that combines all character types (upper- and lower-case letters, numbers, and some special characters) and cannot be guessed.
- Use unique passwords for your accounts, especially important accounts like email and online banking. Choosing the same password for each of your online accounts is like using the same key to lock your home, car and office – if a criminal gains access to one, all of them are compromised. So don’t use the same password for an online newsletter as you do for your email or bank account. It may be less convenient, but picking multiple passwords keeps you safer.
- Use a long password. The longer your password is, the harder it is to guess.
- Use a password with a mix of letters, numbers, and symbols.
- Try using a phrase that only you know. For example, for your email you could start with “My friends Ekta Bhardwaj and VivEk send me a funny email once a day” and then use numbers and letters to recreate it. “MfEB&Vsmafe1ad” is a password with lots of variations.
[#] Check The URL before Log In :
Always check the address (URL) bar before entering your information on a page: the connection should be https and the URL should be the exact URL of the website. Some attackers create a phishing page (an exact replica of the real login page). The worst part: they install scripts or malicious code behind the fake login page and host the page on their own web server. When you log in to Gmail from a fake login page, your username and password are sent to the attacker.
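The "https and exact URL" check described above, written out as an added example (not part of the original article). The list of expected login hosts and the sample URLs are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumption for this example: the exact hosts you expect to log in on.
EXPECTED_LOGIN_HOSTS = {"accounts.google.com", "mail.google.com"}

def check_login_url(url, expected_hosts=EXPECTED_LOGIN_HOSTS):
    """Return (ok, reason) for a URL copied from the address bar."""
    parts = urlsplit(url.strip())
    if parts.scheme.lower() != "https":
        return False, "connection is not https"
    # "https://real-site@other-host/" connects to other-host, not real-site.
    if parts.username is not None or parts.password is not None:
        return False, "URL hides the real host behind user@host"
    host = (parts.hostname or "").rstrip(".")
    if not host:
        return False, "no host in URL"
    # Non-ASCII or punycode labels can render like familiar letters.
    if not host.isascii() or host.startswith("xn--") or ".xn--" in host:
        return False, "internationalized (possibly look-alike) host"
    # Exact match only: a trusted name used as a prefix does not count.
    if host not in expected_hosts:
        return False, f"host {host!r} is not the exact expected host"
    return True, "https and exact host match"

# Constructed sample URLs; the .example hosts are placeholders.
SAMPLES = [
    "https://accounts.google.com/ServiceLogin",
    "http://accounts.google.com/ServiceLogin",
    "https://accounts.google.com.signin.example/ServiceLogin",
    "https://accounts.google.com@login.example/",
    "https://accounts.xn--ggle-0nda.example/",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(check_login_url(sample), sample)
```

Only the first sample passes; the others fail on the scheme, on a trusted name used as a prefix of another domain, on the `user@host` form, and on a punycode label.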
[#] Setup Two-Step Authentication (a Password and Your Phone) :
This is one of the best ways to secure your account from hackers. The good news is that Google has been strengthening its Gmail security system by adding new security features, most of which we do not know about. To combat the growing account theft problem, Google has introduced a security feature which will greatly strengthen your account: 2-step verification. In general, it adds an extra layer of security by asking, in addition to your password, for a special code, an OTP (one-time password), that is sent to your phone at login. The code comes through your phone and is valid for 30 seconds. A code is required every time you request access to the account, thus making it impossible for anyone to hack into your account without your phone.
Sounds problematic? Probably not. The awesome thing is that the setup is fairly easy, you just need to visit the setup page and follow a series of simple instructions, and that’s all, you are good to go!
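Why a code like this stops working after 30 seconds, as an added example (not from the original article and not Google's own code). It goes beyond the SMS case in the text and shows the time-based scheme of RFC 6238 that authenticator apps use; the secret is the RFC's published test key, and the one-window drift tolerance in `verify` is an assumption of this example.

```python
import hashlib
import hmac
import struct
import time

STEP = 30  # seconds one code stays valid, as in the text above

def totp(secret: bytes, at: float, digits: int = 6) -> str:
    """RFC 6238 code for the 30-second window that contains time `at`."""
    counter = int(at) // STEP
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation from RFC 4226
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def verify(secret: bytes, code: str, now: float, drift_windows: int = 1) -> bool:
    """Accept a code for the current window, plus or minus clock drift."""
    for w in range(-drift_windows, drift_windows + 1):
        expected = totp(secret, now + w * STEP)
        # Constant-time comparison so timing does not leak matching digits.
        if hmac.compare_digest(expected.encode(), code.encode()):
            return True
    return False

# RFC 6238 test key, used here as sample input; never a real account secret.
RFC_TEST_SECRET = b"12345678901234567890"

if __name__ == "__main__":
    now = time.time()
    code = totp(RFC_TEST_SECRET, now)
    print("code for the current window:", code)
    print("accepted now:", verify(RFC_TEST_SECRET, code, now))
    print("accepted in 5 minutes:", verify(RFC_TEST_SECRET, code, now + 300))
```

A password stolen by a fake login page stays usable until it is changed, while a captured code is only accepted inside its own time window.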
[#] Set Security Question :
You will be surprised to learn that hackers would rather get into your account through your mail recovery security question than confront your already strong password directly. That is reasonable, since most websites teach you to create a strong password but do not tell you to create a tricky recovery question and/or answer. For this one I would like to share my personal trick with you: create a question with an absolutely wrong answer. It’s really simple. Let’s say you made a question, “Who is the lover of my mother?” (please don’t use the combination of this question and the answer below since we covered it here), then you can put the answer as “my mother loves to eat burger”. Make it as nonsensical as possible, but keep the answer strongly related to your past, so you can remember it easily and only you will know the answer.
Once you have your own tricky question and answer, you can change your password recovery question by accessing your Gmail, clicking on the gear-like icon > Settings > Accounts and Import > Change password recovery options, then clicking “Edit” on the Security question option and replacing it with your new question.
[#] Set Up Your Password Recovery Options And Keep Them Up-To-Date :
If you forget your password or get locked out, you need a way to get back into your account. Many services will send an email to you at a recovery email address if you need to reset your password, so make sure your recovery email address is up-to-date and an account you can still access.
Sometimes you can also add a phone number to your profile to receive a code to reset your password via text message. Having a mobile phone number on your account is one of the easiest and most reliable ways to help keep your account safe.
[#] Regularly Monitor Gmail Account Activity :
You can monitor the IP addresses of the computers used to log in to your Gmail account. To find the IP addresses, log in to Gmail, scroll down and click account activity details.
This will show you a list of the last IP addresses used to log in to your Gmail account. You will see the country and state name alongside the date and time of your last Gmail activity. If you find an unknown IP address or the name of an unknown place, there is a high chance that somebody else is logging in to your Gmail account from elsewhere.
To solve this issue, click the “Sign out of all other sessions” button and Gmail will automatically delete all the active sessions of your account. Next, immediately change the password from your Google accounts settings page.
[#] Enable Https Security :
When it comes to accessing your Gmail account on public wireless or non-encrypted networks, HTTPS could mean your security. Leaving HTTPS disabled will only make it easier for attackers to crack open a path into your Gmail account. HTTPS is enabled by default, but past experience has taught me that it’s always better to perform a check to ensure that the HTTPS option is on.
[#] Do not Click on Suspicious Links :
There are some websites that let anyone send fake emails to any email address. And the worst part is that the sender can customize the “From” address to anything: noreply@gmail.com or gmailteam@google.com.
Consider a scenario: Mr X uses some website and sends an email to you asking you to change your Gmail password due to security reasons. You see the From address field as something like “support@gmail.com” and think that it’s from Gmail. No, it’s not. When you receive any email that asks you to change your account password or enter login credentials, STOP. Do not ever click on any suspicious links from your inbox. Gmail will never ask you to change your password or enter login credentials without any reason. Hence, if you receive any email which claims to be from Google and wants you to change your password, rest assured someone is trying to fool you and hack your email account.
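How to see past a customized “From” address, as an added example (not part of the original article): the headers a receiving mail server records say whether the visible sender domain was actually authenticated. The sample message is constructed and its `.example` domains are placeholders.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message (headers only), modelled on the scenario above.
SAMPLE = """\
Return-Path: <bounce@mailer.example>
Authentication-Results: mx.receiver.example; spf=pass smtp.mailfrom=mailer.example;
 dkim=none; dmarc=fail header.from=gmail.com
From: "Gmail Team" <support@gmail.com>
Reply-To: recover@other.example
Subject: Change your password now

"""

def domain_of(header_value):
    """Lower-cased domain of the address in a header, or '' if absent."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower()

def from_header_warnings(raw_message):
    """List reasons the visible From address should not be trusted."""
    msg = message_from_string(raw_message)
    from_dom = domain_of(msg["From"])
    warnings = []
    # SPF/DKIM/DMARC verdicts written by the receiving server (RFC 8601).
    auth = " ".join(msg.get_all("Authentication-Results", []))
    results = dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)", auth.lower()))
    if results.get("dmarc") != "pass":
        warnings.append(f"dmarc={results.get('dmarc', 'missing')} for {from_dom}")
    # Bounces and replies routed to another domain than the one displayed.
    for name in ("Return-Path", "Reply-To"):
        dom = domain_of(msg[name])
        if dom and dom != from_dom:
            warnings.append(f"{name} domain {dom} differs from From domain {from_dom}")
    return warnings

if __name__ == "__main__":
    for warning in from_header_warnings(SAMPLE):
        print("WARNING:", warning)
```

A differing Return-Path alone is common for legitimate bulk mail, so the DMARC result is the stronger signal. Trust an Authentication-Results header only when your own mail provider added it.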
[#] Avoid Checking Emails At Public Places :
A keylogger is a computer program which can be used to record what you are typing on the keyboard. The keylogger records your keystrokes, saves them in a simple text file and sends it to an email address or to an FTP server. And you are completely unaware of the whole process, running in the background.
You never know which programs are installed on a public computer. Consider a simple scenario: You went to a local internet cafe to check emails from your Gmail account. The cafe staff has installed a keylogger on every computer and when you type the username and password, the keylogger script comes into action, records both your username and password and sends them to another email address. You leave the cafe after checking emails and the cafe staff retrieves your username and password and hacks your account.
Hence, never check emails at a local cafe or at public places or on any computer that you don’t control.
[#] Never Trust Anyone :
This applies even (and especially) when you receive emails from your loved ones, because their account might be hacked and those emails might actually be sent by someone else, without their permission. I believe that most people already know about this but I feel it is important to list this advice nonetheless.
The fact is that I can’t really count how many scam or phishing mails I’ve received from my friends’ hacked accounts. Fortunately I was calm enough to not open the “I love you” email, but there could be certain mails like “Robbed in China” scams in which "your friend" asks for your emergency help, and these are the ones that could really trick you as the request for help is coming from your dear friend.
Normally your first reaction would be to ignore the mail, but if you’re really curious about the situation, then reach out to the friend or his/her family members to verify the crisis before extending any help. Otherwise, you’re the one who will face the crisis, so please keep this warning at the back of your mind at all times!
Some Other Tips :
- Don’t send your password via email. Legitimate sites and services won’t ask you to send them your passwords via email.
- Keep your password reminders in a secret place that isn’t easily visible. Don’t leave notes with your passwords in plain sight, on your computer or desk.
- Never store private information such as credit or debit card details, passwords, or commercial information in your email account.
What To Do If I Get Hacked :
- Check granted account access : The first thing you must check to see if you have suspicious activities happening in your Gmail account is probably your granted account access settings. I guess that if a hacker had a chance to infiltrate your account, he will probably add his own fake mail account to your Gmail for easier future access, or for a re-hacking session if his other tricks were exposed and removed.
- Recover your account : Try to recover your account using your email address and phone number.