Public Policy Blog
Updates on technology policy issues
Helping passwords better protect you
Thursday, May 30, 2013
Posted by Diana Smetters, Software Engineer
Knowing how to stay safe and secure online is important, which is why we created our Good to Know site with advice and tips for safe and savvy Internet use. Starting today, we'll also be posting regularly with privacy and security tips. We hope this information helps you understand the choices and control that you have over your online information.
-Ed.
It could be your Gmail, your photos or your documents—whatever you have in your Google Account, we work hard to make sure it’s protected from would-be identity thieves, other bad guys, or any illegitimate attempts to access your information.
But you can also help keep your information safe. Think of how upset you would be if someone else got access to your Google Account without your permission, and then take five minutes to follow the steps below and help make it more secure. Let’s start with the key to unlocking your account—your password:
1. Use a different password for each important service
Make sure you have a different password for every important online account you have. Bad guys will steal your username and password from one site, and then use them to try to log into lots of other sites where you might have an account. Even large, reputable sites sometimes have their password databases stolen. If you use the same password across many different sites, there’s a greater chance it might end up on a list of stolen passwords. And the more accounts you have that use that password, the more data you might lose if that password is stolen.
Giving an account its own, strong password helps protect you and your information in that account. Start today by making sure your Google Account has a unique password.
2. Make your password hard to guess
“password.” “123456.” “My name is Inigo Montoya. You killed my father. Prepare to die!” These examples are terrible passwords because everyone knows them—including potential attackers. Making your passwords longer or more complicated makes them harder to guess for both bad guys and people who know you. We know it’s hard: the average password is shorter than 8 characters, and many just contain letters. In a database of 32 million real passwords that were made public in 2009,
analysis showed
(PDF) only 54 percent included numbers, and only 3.7 percent had special characters like & or $.
One way to build a strong password is to think of a phrase or sentence that other people wouldn’t know and then use that to build your password. For example, for your email you could think of a personal message like “I want to get better at responding to emails quickly and concisely” and then build your password from numbers, symbols, and the first letters of each word—“iw2gb@r2eq&c”. Don’t use popular phrases or lyrics to build your password—
research suggests
that people gravitate to the same phrases, and you want your password to be something only you know.
Google doesn’t restrict password length, so go wild!
3. Keep your password somewhere safe
Research shows
(PDF) that worrying about remembering too many passwords is the chief reason people reuse certain passwords across multiple services. But don’t worry—if you’ve created so many passwords that it’s hard to remember them, it’s OK to make a list and write them down. Just make sure you keep your list in a safe place, where you won’t lose it and others won’t be able to find it. If you’d prefer to manage your passwords digitally, a trusted password manager might be a good option.
Chrome
and many web browsers have free password managers built into them, and there are many independent options as well—take a few minutes to read through reviews and see what would be best for your needs.
4. Set a recovery option
Have you ever forgotten your password? Has one of your friends ever been locked out of their account?
Setting a recovery option
, like an alternate email address or a telephone number, helps give the service provider another way to contact you if you are ever locked out of your account. Having an up-to-date recovery phone or email address is the best thing you can do to make sure you can get back into your account fast if there is ever a problem.
If you haven’t set a recovery option for your Google Account,
add one now
. If you have, just take a second to make sure it’s up to date.
We have more tips on how to pick a good password on our
Help Center
, and in the video below:
Your online safety and privacy is important to you, and it’s important to us, too. We’ve made a
huge amount of progress
to help protect your Google Account from people who want to break into it, but for the time being, creating a unique, strong password is still an important way to protect your online accounts. Please take five minutes today to reset your important passwords using the tips above, and stay tuned for more security tips throughout the summer.
Protecting Seniors from Identity Theft
Tuesday, May 7, 2013
Posted by Jenny Backus, Public Policy Team
Every day in this country, someone’s mother, grandfather, or older neighbor is a victim of identity theft. Whether the identity thieves attack through a confusing telemarketing scam, a misleading piece of mail, or over the Internet, seniors and their families are increasingly at risk of long-term financial and emotional damage that can take years to undo.
In order to address this issue, the Federal Trade Commission and a coalition of public and private partners like the National Consumer League’s
Fraud.org
are working together to protect seniors from identity theft. Google will also be recognizing Older Americans Month this May by offering tips for seniors to help them stay safe and secure online.
The FTC’s
report
of 2012 consumer complaint data recently showed that complaints about identity theft from older Americans are increasing at a faster rate than for any other age group. In fact, identity theft complaints from those over 70 increased by almost 70% since 2010, while complaints from 60 to 70 year olds increased by 53% in the same period.
Google’s
Good to Know
site is designed to help educate consumers of all ages about online threats and tools they can use to protect themselves, including information on
how to protect themselves from identity theft
.
Here are five tips from our security experts:
Don’t reply if you see a suspicious email, instant message or webpage asking for your personal or financial information. Identity thieves can steal your information and then use it to withdraw money from your bank account.
Never enter your password if you’ve arrived at a site by following a link in an email or chat that you don’t trust.
If you see a message from someone you know that doesn’t seem like them, their account might have been compromised by a cyber criminal who is trying to get money or information from you. Think before responding!
Don’t send your password via email, and don’t share your password with others. Legitimate sites won’t ask you to send them your passwords via email, so don’t respond if you get requests for your passwords to online sites.
Report any suspicious emails and scams. Many email providers, including Gmail, provide an easy way for you to report fishy emails and scams, and it can help our teams stop similar mail from being sent to you and others.
Seniors around the country can also learn more by attending or viewing by webcast the FTC’s workshop today on
protecting seniors from identity theft
. With speakers from some of the most trusted consumer groups, local, state and government leaders, and lead experts on fraud prevention, the FTC workshop will focus on forms of ID theft that are particularly significant for seniors, from the risks that seniors face in nursing homes to the identity theft concerns that arise when they file their taxes or seek government assistance, which is increasingly happening online.
Stopping bad actors who target seniors and preventing the rise of identity theft is a shared mission for all of us. Google is committed to making the Internet safer, and protecting our users of all ages.
Labels
Accessibility
5
Ad
2
Advertising
11
AdWords
2
Anti-defamation league
1
Book Search
16
Broadband
11
Business Issues
26
Buzz
1
buzzemail
1
Canada
1
Child Safety
18
Chrome
1
Cloud Computing
2
Competition
19
Congress
10
Constitute
1
copyright
7
Cuba
1
Cybersecurity
9
D.C. Talks
16
Digital Due Process
1
Digital Playbook
1
Economic Impact
5
Economy
13
ECPA
4
Elections
24
email
1
Energy Efficiency
29
Europe
2
FCC
7
fellowship
2
Fighting Human Trafficking
1
Free Expression
54
Geo
1
Gmail
1
GNI
2
Good to Know
5
Google Fellow
2
Google for Entrepreneurs
1
Google Ideas
2
Google Maps
1
Google Policy Fellowship
1
Google Tools
78
Government Transparency
33
Hate Speech
1
Health
5
How Google Fights Piracy
1
Human trafficking
1
Identity theft
1
Immigration
1
Intellectual Property
19
International
46
Journalists
1
Malware
1
Maps
1
National Consumer Protection Week
1
Net Neutrality
24
Patents
5
piracy. ad networks
2
Politicians at Google
11
Politics
23
Privacy
93
Public Policy
1
Public Policy Blog
806
Safe Browsing
3
scams
1
search
3
Security
17
Small Businesses
3
spectrum
4
State Issues
5
Surveillance
6
Technology for Good
1
Telecom
71
Trade
3
Transparency Report
4
White Spaces
23
WiFi Network
1
Workforce
5
Yahoo-Google Deal
5
YouTube
4
YouTube for Government
1
Archive
2016
Sep
Aug
Jul
Jun
May
Apr
Mar
2015
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2014
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2013
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2012
Dec
Nov
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2011
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2010
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2009
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2008
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2007
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Feed
Follow @googlepubpolicy
Give us feedback in our
Product Forums
.