From emails and documents to photos and notes—your Google account is your personal stash of important data. Have you done what you can to protect it from digital mishaps and malice?

At the very least, make these four basic changes from your Google Account page to protect your account and keep it easy to recover if the need arises.

1. Add a Recovery Email Address and Phone Number

Display of recovery email and phone number in Google account

If you ever get locked out of your Google account, having a backup phone number or email address on record can save the day for you. To stay on the safer side, it’s best to add both these details, and Google prompts you from time to time to do so when you open your account settings. (Security questions are no longer a part of Google’s account setup.)

If you don’t have your latest contact details saved with Google, here’s how you can update them:

  1. In your Google account, click on Security in the sidebar to access security settings.
  2. In the Ways we can verify it’s you section, click on the Recovery phone and the Recovery email options one by one to add new information. Ensure that your recovery email address is different from the Gmail address associated with the account whose settings you’re updating. It’s best to go with a non-Gmail address.

You can also update your contact details from the Personal info page (it's accessible from the sidebar). Here, you’ll also see other email addresses connected to your account. Google might ask you for one of these addresses during the recovery process if the usual methods haven’t worked.

Emails connected to Google account

Your recovery email and phone number ensure that you can get into your Google account even if you can't remember your password and/or email address. But, to account for a scenario where these methods somehow fail, it’s a good idea to copy out these two pieces of information that Google could ask you for during account recovery:

2. Set Up Two-Step Verification

Add phone number during 2FA setup for Google account

When you enable two-step verification, you protect your Google account with a second barrier. Your account is then accessible only with a combination of your password and a dynamic, time-based numerical code. This is a form of Two-Factor Authentication or 2FA.

To start setting up this extra security measure:

  1. Visit the Security page from the sidebar.
  2. Under the Signing in to Google section, click on 2-Step Verification.
  3. On the next screen, click on the Get Started button.

At this point, Google asks you to enter a valid phone number on which you can receive one-time codes. You can choose to get them via SMS or via a voice message. Take your pick and then click on the Next link.

On the next screen, type in the six-digit code you received from Google on your phone and once again click on Next. Proceed to enable 2FA by clicking on the Turn on link that shows up.

You’ll then see a handful of alternative options you can use as a second step if, say, your phone isn’t available or if you’d prefer a safer/easier option. A physical security key is your safest choice.

Whether you go with that or prefer to stick with SMSes or dedicated authenticator apps, ensure that you don’t miss this next step: printing backup codes.

Backup codes section when 2FA is enabled for Google account

There’ll be times when you don’t have access to any of your usual methods of generating one-time verification codes. Maybe you’ve lost your phone or it’s offline. Perhaps your authenticator app is malfunctioning.

Whatever the issue, it doesn't have to limit your access to your Google account. If you have backup codes ready, you're good to go: Here's how to get them:

  1. If you aren't on the 2-Step Verification screen already, access it via Security > Signing in to Google.
  2. Click on the Set Up link under Backup codes.
  3. Save the 10 backup codes generated by Google. You can print them to a PDF, download them as a text file, or paste them into a secure note in your password manager. Each of these codes are good for a single use.

If you’ve already generated a set of codes once, but didn’t save them back then, follow the same steps as above. (Keep in mind that you’ll see a Show Codes link instead of a Set Up link in the Backup codes section.)

3. Control What You Share on Google

Hide personal details via Google account settings

Information thieves can use personal details to steal your identity. That’s why it’s imperative to protect data such as your date and place of birth, phone number, email address, physical address, and so on.

If such data is a part of your Google account, you can control who sees it from the Control what people see about you page. Visit this page by clicking on People & sharing > Choose what others see in your Google account.

Here, scan the page to pinpoint bits of information that have either a Visible label or a globe icon. These markers show that the corresponding data is visible to anyone who interacts with you, meaning that it’s public. Click on them one by one to mark the data as Hidden. You also have the option to select the label Your Organization, which ensures that only your team members can see that data.

4. Revoke Access From Third-Party Apps You Don’t Use

Revoke app access from Google account

You might be using your Google account to log in to third-party apps. Or, you might’ve granted such an app permission to, say, view and change your Google calendar. It’s best to ensure that only the apps you trust and use have access to your Google account. As for the rest, we recommend revoking their privileges.

To do so, access the Apps with access to your account page. You can get there in a couple of ways via the Security page:

  1. Click on the Manage third-party access link under Third-party apps with account access, or
  2. Click on Signing in with Google under Signing in to other sites.

Now, on the next screen, you’ll see all external apps that have access to some aspect of your Google account. Click on each app to see which parts of your Google account it can view and edit. If you’re not happy with what you see, click on the Remove Access button to disconnect the app from your account.

This process does not actually delete your account with the third-party app. It only keeps the account inaccessible until you reconnect your Google account. For true deletion, you’ll have to delete the account for the relevant app before revoking access to the app from your Google account.

Protect Your Google Account

Getting locked out of an important online account (or losing its data) can be a worrisome experience. And when that account happens to be your Google account, it can cause utter panic. Pre-empt that situation by securing your account with the above changes. You should also look into the Google Advanced Protection Program.

You can then move on to personalizing and improving your Google experience. To get started with that, change your Google profile picture.