Google accounts are a treasure trove of personal data for identity thieves. We’ve already covered setting up two-step authentication to secure your Google account, but there are a few more tricks you may not know about.
These Google features provide easy ways to monitor your account’s access history, manage the websites that can access your account, and control private information that may be leaking onto the Web.
Monitor Account Activity
Buried at the bottom of your Gmail inbox, you’ll find a Last Account Activity indicator. It’ll tell you when your account was last accessed; click the Details link to see more information.
The details window shows you your account activity at a glance. You’ll find a Recent Activity List here — as I can see from the * indicators and the IP address at the bottom of the window, all account activity is coming from my current IP address.
If there was activity coming from an unusual IP address — perhaps one half way around the world — I’d get an alert because my alert preference is to prompt on unusual account activity. This is the default. If the alert is disabled, you’ll probably want to click Change and set it to alert you.
If there active sessions elsewhere — maybe you forgot to log out on a public computer? — use the Sign Out All Other Sessions button to forcibly close them.
Check Authorized Sites & Apps
Website and apps can ask for permission to access your Google account. If you’ve been trying out various web services and apps, some of them may still have access to your account, even if you no longer use them.
First, open the Account Settings page from anywhere on Google.
On the Account Settings page, click the Edit link next to Authorizing Applications & Sites.
After entering your password, you’ll see the list of sites and apps that have access to your Google account.
Each website or app can have different permissions. Ones with permission to “Sign in using your Google account” can’t do anything more than use your Google account to confirm your identity, while ones with “Full Account Access” have access to your entire account. Many apps are somewhere in between — for example, the Picnik image editor has access to my Picasa Web Albums here. Other apps could have access to your Gmail account.
If you don’t use an app or website anymore, or just don’t like how many permissions it requires, click the Revoke Access link to remove access.
Check the Dashboard
Google’s Dashboard shows you everything Google knows about you. At the bottom of the Account Settings page where you found the Authorizing Applications & Sites link, click the “Visit the previous version of the Google accounts screen” link.
On the following page, click the “View data stored with this account” link.
From here, you can see what you’re sharing with the entire Internet or other Google users. Look for the icon that looks like a group of three people to see what you’re sharing. If you don’t want to share specific data, use the links next to the service to manage your shared data.
You can also remove data you don’t want Google to have. For example, if you’re done using Chrome and don’t want Google to remember your browser data, click the “Stop sync and delete data from Google” link to the right of the Chrome sync service.
If you notice anything amiss, particularly with access to your account from other locations, changing your password is a good idea. Click the Change Password link on your Account Settings page to change it.