- dotTech - http://dottech.org -

Tip: Use Gmail’s built-in activity monitor to audit account security

One of my favorite aspects about Gmail is that Google goes above and beyond simple e-mail, having extra features not found in many other e-mailing services. One of these extra features is Gmail’s activity monitor.

Gmail’s activity monitor is a tool that monitors and logs who accesses your Gmail account (IP address + geographic location) and at what time the account was accessed; it also tells you from what device the account was accessed with (mobile, browser, etc.):

[1]

Using the recent activity log, one can easily spot if there has been unauthorized access to ones Gmail account – just look for erratic, unknown, or unusual IP addresses. If you find an IP address that does not belong to you – look at the very bottom of the page to see your current IP address – that may mean your account has been hacked.

Do note, though, that just because you find multiple different IP addresses accessing your Gmail account that does not necessarily mean your account has been compromised. You could have accessed your account using different Internet connections (i.e. your WiFi, your phone, your friend’s WiFi ,etc.) in which case IP addresses will differ; you may also be assigned a dynamic IP address from your ISP (most people do) so your home Internet’s IP address will change periodically, and that change may be reflected in the activity log.

To double-check and verify if your account has been compromised, IP addresses can be researched using tools IP tracing tools. These tools provide detailed information about IP addresses, allowing you to determine if the access to your Gmail account was legitimate – i.e. by you – or not.

While you can use any tool you want to research IP addresses, WhatsMyIPAddress [2] is my personal favorite IP address-searching tool because it displays general and geographic information regarding an IP address, in a human-readable manner:

[3]

If you come to the conclusion your account has indeed been compromised, you can use the activity monitor to quickly change your password (pick a good one [4] this time):

[5]

[8]

[9]

Once you change your password, since you logged everyone out that was logged in, no one but you will have access to your account.

Four more things to note:

[11]

[12]

By default the activity monitor is actually set to automatically issue you alerts; so you don’t need to turn it on yourself.

[13]

While the Gmail activity monitor is no protection against hackers, it is an easy way to clean up the mess after the fact. *Cough* Gawker’ed *cough*

Have any other useful Gmail tips? How about tips regarding other e-mail services? Share with everyone in the comments below!

Thanks IainB [14]!