Security Experts:

Connect with us

Hi, what are you looking for?


Email Security

Google Boosts Account Security With New Tools, Protections

Google on Wednesday announced several new tools and protection mechanisms designed to help users secure their accounts and recover them in case they have been compromised.

Google on Wednesday announced several new tools and protection mechanisms designed to help users secure their accounts and recover them in case they have been compromised.

It’s not uncommon for accounts to get hacked after their username and password have been obtained by malicious actors through phishing attacks. Since many users still haven’t enabled two-factor authentication, Google has introduced an additional layer of security during the login process.

When the username and password are entered on the sign-in page, a risk assessment is run and the login is only successful if nothing is suspicious. However, for the risk assessment to work, Google says users need to have JavaScript enabled.

The tech giant pointed out that JavaScript is enabled by default in most web browsers, but noted that 0.1% of its customers have decided to disable it. If JavaScript is disabled and the risk assessment cannot be completed, authentication will fail.

Google requires users to enable JavaScript when accessing their account

Once users have logged in, the Security Checkup tool introduced by Google last year helps them improve the security of their account by offering customized guidance. The tool is constantly enhanced and the company recently added protection against harmful mobile apps based on recommendations from Google Play Protect. It now also allows users to remove their account from devices they no longer use.

While Google currently notifies users when third-party sites or apps are given access to Gmail and Google Contacts data, the company says it will soon add Google Accounts to the list.

In case an account has been compromised, Google now provides a step-by-step process that helps users check security settings, protect other accounts linked to the hacked account, verify financial activity to see if payment methods linked to the account have been abused, and review files in Gmail and Drive to determined if they have been accessed or misused.

Related: Google Announces New Security Tools for Cloud Customers

Related: Google Offers G Suite Alerts for State-Sponsored Attacks

Related: Google Tracks Your Movements, Like It or Not

Related: Google Launches reCAPTCHA v3

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Cloud Security

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Mobile & Wireless

Infonetics Research has shared excerpts from its Mobile Device Security Client Software market size and forecasts report, which tracks enterprise and consumer security client...

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...