Tools and tips to help you
stay safe online.
We automatically protect your privacy with industry-leading security. There are a few additional steps you can take to manage your online security and choose the right level of protection for you.
of your Google Account.
Take the Security Checkup
One easy way to protect your Google Account is to take the Security Checkup. This step-by-step tool gives you personalized and actionable recommendations to help strengthen the security of your Google Account.
Defend against hackers with 2‑Step Verification
2-Step Verification helps keep out anyone who shouldn’t have access to your account by requiring you to use a secondary factor on top of your username and password to log in to your account. For those who are at risk of targeted online attacks and need even stronger protections, we’ve created the Advanced Protection Program.
Use strong and unique passwords
Creating a strong, unique password for every account is one of the most critical steps you can take to protect your privacy. Using the same password to log in to multiple accounts, like your Google Account, social media profiles, and retail websites, increases your security risk.
Keep track of all your passwords
A password manager, like the one built into your Google Account, helps protect and keep track of the passwords you use on sites and apps. Google’s Password Manager helps you create, remember, and securely store all your passwords to safely and easily sign in to your accounts.
Check your passwords for security issues
Check the strength and security of all of your saved passwords with a quick Password Checkup. Learn if any of your saved passwords for third-party sites or accounts have been compromised, and easily change them if needed.
Know how scammers might reach you
Scammers can take advantage of goodwill by disguising their scams as legitimate messages. Alongside emails, scammers may also use text messages, automated calls, and malicious websites to exploit you.
Always validate suspicious URLs or links
Phishing is an attempt to trick you into revealing critical personal or financial information, like a password or bank details. It can take many forms, such as a fake login page. To avoid getting phished, never click on questionable links; double-check the URL — by hovering over the link or long-pressing the text on mobile — to make sure the website or app is legitimate; and make sure the URL begins with “https.”
Watch out for impersonators
Scammers might pose as legitimate organizations like the government or nonprofits. Always proceed with caution when reading messages from someone claiming to be an authoritative resource. If someone you know emails you but the message seems odd, their account may have been hacked. Don’t reply to the message or click any links unless you can confirm the email is legitimate. Look out for things like urgent requests for money, sob stories about being stranded abroad, or the person claiming their phone was stolen and cannot be called.
Beware of email scams or requests for personal information
Messages from strangers can be suspect, and even a communication from someone you trust, like your bank, might be an impersonation. Don't reply to suspicious emails, instant messages, or pop-up windows that ask for personal information. Never click suspicious links or enter personal information in questionable forms or surveys. If asked for a nonprofit donation, go directly to the organization's website to donate rather than clicking on the link sent to you.
Double-check files before downloading
Some sophisticated phishing attacks can occur through infected documents and PDF attachments. If you come across a suspicious attachment, use Chrome or Google Drive to open it. We’ll automatically scan the file and warn you if we detect a virus.
keep you safe online.