6
This content is rated TV-MA, and is for viewers 18 years or older. Are you of age?
Sorry, you are not old enough to view this content.

Hacks: Break into Gmail

About Video Transcript

Hacks: Break into Gmail

3:43 /

We'll show you how attackers can steal your Gmail passwords, and how to stop them.

Recently, Twitter suffered an embarrassment as a hacker obtained quite a bit of confidential information and passed it along to tech news sites. Apparently, the hacker accessed a Twitter employees' Gmail account and used that to gain access to Google Docs, company systems, and more. The employee most likely thought they had proper security protections in place. I�m Tom Merritt from CNET.com, and I�ll show you how the Gmail account got cracked, and how you can take better care to protect your Gmail account. Obviously, you should start by picking a strong password that�s not a dictionary word or easily guessable. But that password is only as strong as Google's password recovery system. Google allows three methods to recover your password. E-mail, SMS, and the vaunted "security question." Three methods an attacker could use to gain entry to your account. Go to settings, choose Accounts, and click on Google Account Settings. Then click "Change password recovery options." The e-mail recovery method tripped up the Twitter employee. In this method, if you forget your password, you can specify an e-mail account where a password- reset link can be sent. This is common practice in Web services. Allegedly, the Twitter employee had their recovery account set to a Hotmail account that was deactivated. The hacker was able to guess what the e-mail had been, reregister the account, and was able to get the password reset link sent to the Hotmail account. How do you protect yourself against that? Well make sure you have a valid e-mail account listed as your secondary account, and make sure that account has solid security protection. Or better yet, don�t use this method. Just leave the secondary e-mail account blank. You have two other methods to choose from. Method two is SMS. This is fairly secure, since any attacker would have to get access to your phone, or at least be near enough to intercept text messages to your phone number to steal your password. While this isn�t impossible, it�s a taller order. Of course, it also means you have to have a phone with a text messaging plan. Still this is my favored method. Method No. 3 is my least favorite. The Security Question. This is where a lot of people fail. If you make the answer to your security question something guessable or easy to find out, then the strength of your password won�t matter. Google suggests a few hard to guess things like your first phone number or Dad�s middle name. But while they may be hard, all of these are discoverable. Thankfully, Google lets you write your own question. I think you should treat this security question like another password. Write your own question and make the answer something entirely unguessable. Like What have you never told anyone else about? Answer: 5623break. Yes, that may be hard to remember, but it�s very secure. Unfortunately, they don't let you leave this field blank, so at best you can fill it with nonsense information. No system is 100 percent secure and obviously the most secure method here would be to provide no way to recover your password. However, if that�s too strict for you, now you have some information to help you choose where in that balance between protection and convenience you land. Stay safe out there. I�m Tom Merritt, CNET.com.

New releases

McLaren P1: Harbinger of the hybrid supercar revolution (CNET On Cars, Episode 58)
23:31 January 30, 2015
McLaren P1 on the track and on the street, CNET Style. How engines get their names and what it means. Also: CNET's Top 5 cars of last...
Play video
Boost's ZTE Speed is a 4.5-inch, low-priced Android
1:07 January 30, 2015
Featuring a 5-megapixel camera, a quad-core CPU, and a 4.5-inch display, the ZTE Speed is one of Boost's prepaid bargain Androids.
Play video
The LaCie Mirror is perfect for narcissists
2:14 January 30, 2015
CNET editor Dong Ngo totally likes what he sees when looking at the one-of-a-kind LaCie Mirror portable drive. And that's because (you...
Play video
Rid your Android quick settings menu of oddball toggles
1:17 January 30, 2015
CNET's Dan Graziano shows you how to fix one of the most annoying features in Android 5.0 Lollipop.
Play video
Beats Pill XL: Bigger Bluetooth speaker justifies its premium price
1:25 January 30, 2015
We weren't such big fans of Beats' original Pill, but the company's jumbo-sized model is well designed and performs much better.
Play video
Facebook using beacons to show location 'tips'
2:50 January 30, 2015
Social network's new app feature sends location tips to your feed using GPS, Wi-Fi and Bluetooth beacons. Meanwhile, your home Internet...
Play video
Testing out 'Insane Mode' in the Tesla P85D, Ep. 190
4:28 January 30, 2015
This week we get all nostalgic with the Prynt smartphone case that makes your iPhone work like a Polaroid camera, we learn some scary...
Play video
Nvidia G-Sync is a smooth move for PC games
3:01 January 30, 2015
The right graphics card and a G-Sync monitor can make games look better.
Play video