Skip to main content

How to secure your Google account and Blogger blog?

As a part of contributions to NCSAM, I am writing this article down on what all should we be aware of with respect to Google's security aspect and how to make sure your blog stays yours forever.

What is NCSAM?

It's National Cyber Security Awareness Month which is observed during the month of October every year in America.

However, we all know cyber security is a world topic and is not limited to just the USA. So let me give some tips with respect to keeping the Google account safe and Blogger blogs safe from hackers. As I secure my account, I hope you people catch up too.

In this blog post, I am going to tell about the following,
  1. Securing your Google account.
  2. Securing your Blogger blog.

Securing your Google account

Since Blogger is also part of your Google account, let's first see what all we need to do to keep our Google account safe.
  • Don't share your password to anyone.
  • Keep changing your password every 60 - 90 days.
  • Make sure your password is strong enough. Have at least one capital letter, one special character and one number.
  • Make sure you logout your account when you use it anywhere other than your own personal laptop or desktop.
Those are the basics. There are few advanced things we can do to keep the account in safety. We can walk through Google accounts security section to see what all we could do. 

1. The security checkup.
As soon as I go to the security page, Google account says, 
This is about my account. When it comes to your account, if Google has found any potential security threat, it will ask you to review it. 

Irrespective of whether it has detected a risk or not, you can still go for a checkup by clicking "Get started"

What do I see when I click the same?
Everything is a green mark. Google now thinks there are no potential risks to your account.

Feels safe right? However that is not everything. Let's click on "Continue to your Google Account" which takes us back to security section.

Coming down to the next section,
  1. When have I changed my password?
    28 July 2018 - Absolutely vulnerable.
  2. Am I using my phone to sign in?
    No
  3. Do I have my 2-Step Verification turned on?
    Oh noooooo! Worried!
  4. When have I changed my Google PIN?
    Way back in 2017. That's again worst thing.
Adding all these up, my account is so much in threat. Now I am going to go ahead and secure my account more. 

I have changed my password and setting up 2SV.  Read more about 2SV here

Two step verification (2SV)

In short, 2SV is an additional verification that it is you who is logging in. Therefore Google asks you for your phone number and when you login to a new device, Google sends an OTP by call or text message to verify.

Too lazy to type in OTP each time? You're lucky. Google has got two other options as well one of which is getting a prompt in your phone.

I am comfortable with a Text message and so going ahead with Text message. If you find something else comfortable for you, please go ahead with that one.

Done and I am all set up for 2SV. Now when each time I login in a different computer, I am prompted with an OTP and only when I confirm it, I am let in to my account.

Next is my Google pin. I am going to go ahead and change that as well.

Screenshot of Google account PIN change
Being all that said and done, what else can you do to get your account back just in case you have been hijacked or you have forgot your account password?

Well, here comes the recovery information section,
(Information is hidden for privacy purpose)
You should enter a recovery phone, recovery email and answer a security question. 

Unfortunately, Google does not anymore support security questions. You can only use recovery phone and an email. May be it's showing up in my account because it's ancient.

Having these setup will have your account easy to recover for yourself and difficult to hack into for others. Hope these tips helps in keeping your account safe. 

Finally, if you ever feel you missed to logout your email from a stranger computer or you feel you are being hacked, change your password first. Then go to Gmail for Web and scroll all the way down to see the following at the end,


Click on the Details as highlighted and you'll get to see a popup window like below,


Here you can know what are all the devices that are logged in. You can choose "Signout of all other Gmail sessions" which will remove all of Google sessions except the one that you are logged in.

Now when this is done, you can login only to your devices back. 

Thanks for reading through this long. If you do all these itself, your blogger blog is already safe as all google products are under one roof. 

However let me tell you an interesting story of an old friend of mine. Herself and one another friend of hers started writing a blog on various genres. Over an year or so the blog got decent amount of viewers and they started inviting guest authors to write post. 

They approached the guest authors online and got content over email and then post it by giving credits to them. As it went, the blog became so popular but they became quite busy with their life. However they wanted to keep their blog going. So they decided to hire a person for it. They hired too from online market. Everything was the same except that this time they didn't get content over email rather added the content writer to their blog as Author.

Days went and at some point the author needed admin access and without second thoughts they gave permission so that the author can change whatever he wants in the template section. Sounds great right?

It sounded awesome until the next day they login to their account to see the blog disappeared. Booom!!!! 

What? Why did Blogger remove their blog? That was the first question that popped up in their mind. 

"Congratulations dear! Your blog just got hijacked" - That is all I was able to tell when they came up with this to me. Unfortunately until this moment, they are not able to get the blog back. What are the take aways from this story?
  1. Write and build your blog to the best. Never let it go.
  2. Never invite a stranger to write in your blog. At least not an online stranger. 
  3. Never ever give Admin access to a person who is not even known to you in person.
All that said, secure not only your google account but all your online accounts and safe and happy blogging. 

Comments

  1. Thank you so much. There is a very beautiful and full information blog.

    ReplyDelete
    Replies
    1. Thank you so much Web Kenti.

      Am glad to receive your comments. Please do follow and stay updated.

      Delete
  2. I want to retain all of my old writings in the blog

    ReplyDelete
    Replies
    1. Hi Vabna,

      If you are having your account well secured, I guess you can retain them forever.

      Should you have any queries or articles that I should write about, please do leave a comment.

      Delete
  3. Replies
    1. What is happening every day? Could you elaborate?

      Delete
  4. Good morning

    ReplyDelete
  5. wow,nice information.it will help me a lot....

    ReplyDelete
  6. I want the link to download this theme which you've set for this article.
    Please it's a humble request this theme is cool.

    ReplyDelete
    Replies
    1. Hi Joy,

      This is one of the default themes available in Blogger platform itself. Instructions according to New UI of 2020.

      1. Please go to blogger.com
      2. Navigate to Theme > Notable
      3. In this, you might see 5 themes with their respective names under it. Choose Antique
      4. Click Apply

      There you go.

      Delete
  7. i like your blog. best of luck.

    ReplyDelete
  8. Kesava krishnan, it's a hilarious article that you wrote, I glad to say you that it's a great work to spread awareness regarding cyber security. Keep it up with this type of articles and happy journey on blog.

    ReplyDelete
    Replies
    1. Thank you so much and am glad to know you were able to smile reading the article. Please do keep your accounts as secure as possible.

      Delete
  9. I have patiently read and enjoyed your article. You Wrote so well to understand that I finished reading the whole thing. It is the article I have been looking for so far. I have chosen google's rules.
    Thank you very much.

    ReplyDelete
    Replies
    1. Thank you very much for reading and for your kind comments. It excites and motivates me.

      Have a happy and safe blogging :-)

      Delete
  10. Thanks everyone for so much love :-)

    ReplyDelete
  11. Replies
    1. Are you looking for something related to smartphone? Please elaborate.

      Delete
  12. I am really surprised by the quality of your constant posts.You really are a genius, I feel blessed to be a regular reader of such a blog Thanks so much

    ReplyDelete
  13. You wrote so attractive that I could not stop myself for commenting it. Really Good job Thankyou

    ReplyDelete

Post a Comment

People also read,

Blogger Tweak - Open external links in new tab automatically

So, once upon a time, a really long while ago, I tried to customise and recreate a Blogger template which is not available anymore, but there's one thing I remember about it. I had a jQuery code written to make all the external links open in new tab. I also thought, it's about time I revive that idea and write a more intact code and here we go.  So, there are two things to do.  Add Javascript code that detects external links and opens them in new tab. Add a CSS code to let users know that a particular link is going to be opened in new tab. Adding a javascript code Please follow the instructions below, Go to https://blogger.com  dashboard Navigate to Themes > click the down arrow near "Customize" and then click on Edit HTML. Now scroll to the very end and paste the following code just before </body> tag. <script type='text/javascript'> document.body.addEventListener(&quot;mousedown&quot;,function(event){       if(event.target.ta...

Blogger HTTPS for custom domain and Cloudflare

In BHF, there was a recent issue related to cloudflare where the browser screams the site is a phishing site. So I thought of writing up how does a service like cloudflare affect your blogger blog. What is Cloudflare? Well we have that written all over Wikipedia: Cloudflare . Let's go on with why Blogger users look for Cloudflare. Anciently Blogger users used Cloudflare for one simple reason. HTTPS for custom domains. So what happens when you introduce Cloudflare into your domain? DNS Redirect. Your custom domain will be configured with the proxy info provided by Cloudflare and when the request is hit, DNS redirect happens. DNS redirect is bad for the site's health. A number of reasons, but the most important is that some browsers, when it detects a DNS redirection, it thinks that it is a phishing site. What is a DNS redirect? I am trying to explain this in easy terms. I'll try not to be too technical. When a custom domain URL is hit, usually the domain reques...