How to Protect and Recover a Hacked Gmail Account

Trying to recover a hacked Gmail account on a Macbook.

Gmail might be one of the better free email providers, but nothing is perfectly safe. If the worst does happen, and a hacker gets into your account, knowing how to recover a hacked Gmail account helps you get life back to normal quickly. Once you’ve locked out the hacker, protect your Gmail account to prevent unauthorized access in the future.

Note: even if your account hasn’t been hacked, Google will be deleting any accounts that have been inactive for two or more years, starting in December 2023. So, if you’ve forgotten your password, you may be able to use the methods below to recover a Gmail account.

How to Recover a Hacked Gmail Account

Usually, Google sends you a message about a strange login attempt, or friends may tell you that they’ve been receiving weird emails that you never sent. Both are signs of a hacked account. With all the personal data in your email, you’ll want to start recovering it immediately.

There are two main methods to recover your Gmail account:

  • Reset your password
  • Complete the Google Account Recovery questions

If you’re lucky, you’ll just need to reset your password. If you received an email or notification on your phone about login activity in your Google account, click Check activity to view more details.

A Google alert that your account may have been hacked.

Log in to your account. If the hacker changed your password, you’ll get an error. Click Forgot password just below the password box to change your password. Google will ask you a series of questions to confirm your identity.

This includes previous passwords (the more recent, the better), answers to questions you were asked during the account creation process, and even any other email addresses tied to the account.

If you’re able to log in, click No, secure account to start securing your Google account. If you’re not able to log in, go directly to the Google Account Recovery page, even if you didn’t receive a notification.

A Google Account prompt to try to recover a hacked Gmail account.

When prompted, answer a series of questions, which vary from user to user. For the best chance of recovery, use the following tips:

  • Answer every question, even if you don’t remember the answer.
  • Try recovering your account on a familiar device and browser. (It’s easier for Google to verify you on a trusted device.)
  • Try recovering from a usual location, such as home or work.
  • Carefully enter answers without typos.
  • Use your recovery email or phone number to get a verification code.
  • Explain why you can’t access your account. (State that your account was hacked or compromised, and give an approximate date when suspicious activity may have occurred.)

You can attempt to recover a hacked Gmail account multiple times. If you get something wrong, try again. Once you do regain access, it’s time to learn how to protect a Gmail account to reduce the chance of a hacker getting in and to make recovering your account much easier.


Ways to Protect Your Gmail Account

If you’re able to successfully log in, Google takes you through different methods of securing your account. Remember, your Gmail account isn’t just Gmail. It’s all the other Google services you use with that login as well. You don’t have to use every protective option, but it’s a good idea to use at least two to three for optimal security.

There are some great ways to protect your Gmail account, and these are some of the most useful.

Turn on Two-Factor Authentication

Protect a Gmail account by setting up 2-factor authentication.

Two-factor authentication has two steps: enter your password as usual, then enter a code that the service sends to your phone by text message (or that you get from the Google Authenticator app) to access your account.

Activate this in your Google account to improve its security. You can choose whether to use the second step every time you log in or to mark a given computer as “safe,” which skips the second step on that computer.

You can also set up passkeys to make it easier and safer to log in. Passkeys are still fairly new and work similarly to two-factor authentication, but without the initial password.

Recovery Email Address

When you create a new Gmail or Google account, you’re prompted to provide a recovery email address. Use this address to recover forgotten passwords and receive security alerts if your password changes.

If you get an alert that your password changed and you didn’t change it, take action immediately to recover your Gmail account. It’s an early sign that a hacker has access to your account.

Phone Recovery

Receiving a security code to log in to Gmail.

During registration, Google also asks you to provide a phone number to be used for password recovery. When you try to recover your password, Google sends a text message with a code to the provided number, which you have to input into Gmail, just like the example in the screenshot above.

Enter the correct code to jump to the password reset screen. If it’s not correct, ask for another code.

Use Stronger Passwords

We’ve been using passwords the wrong way. That’s right: we have been setting passwords that are hard for humans to guess but very easy for computers to crack. For example, this article shows that the password “this is fun” (with spaces as part of the password) is a safer password than “s$yK0d*p!r3l09ls”.

The downside of longer passwords is that they’re hard to remember – unless you use xkcd’s method, which consists of using several common words but in a not-so-logical way, yet with some logic so that you can remember them.

Comic strip about passwords from xkcd.

If you want to use this method, use the xkcd Password Generator, which will generate a four-word password. According to How Secure Is My Password, it would take 15 octillion years for a desktop PC to crack the password shown in the xkcd comic strip.
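Why the word-based method holds up only when the words are picked at random, as an added example that is not from the original article or from the xkcd generator: the strength of such a password is the number of words times log2 of the word-list size, so a 2048-word list (the size the xkcd comic assumes) gives 44 bits for four words. The 32-word list below is constructed for illustration and far too small for real use; the function names are hypothetical.

```python
import math
import secrets

# Constructed sample list (32 words = 5 bits per word). Real generators draw
# from lists of thousands of words.
SAMPLE_WORDS = (
    "anchor banjo cactus dolphin ember falcon garlic harbor igloo jacket "
    "kettle lantern magnet nectar orbit pepper quartz ribbon saddle timber "
    "umbrella velvet walnut xylem yogurt zipper acorn bishop candle dagger "
    "engine fossil"
).split()


def entropy_bits(list_size: int, n_words: int) -> float:
    """Bits of entropy when each word is chosen uniformly at random."""
    if list_size < 2:
        raise ValueError("word list needs at least two entries")
    return n_words * math.log2(list_size)


def words_needed(list_size: int, target_bits: float) -> int:
    """Smallest number of words from this list that reaches target_bits."""
    return math.ceil(target_bits / entropy_bits(list_size, 1))


def generate(wordlist, n_words: int = 4, sep: str = " ") -> str:
    """Pick words with the OS CSPRNG; the `random` module is not suitable."""
    if len(set(wordlist)) != len(wordlist):
        # Duplicates make some words likelier and silently lower the entropy.
        raise ValueError("word list contains duplicates")
    return sep.join(secrets.choice(wordlist) for _ in range(n_words))


if __name__ == "__main__":
    print(generate(SAMPLE_WORDS))
    print("sample list, 4 words:", entropy_bits(len(SAMPLE_WORDS), 4), "bits")
    print("2048-word list, 4 words:", entropy_bits(2048, 4), "bits")
    print("words needed from sample list for 44 bits:",
          words_needed(len(SAMPLE_WORDS), 44))
```

Choosing the words yourself, or rerolling until the phrase looks nice, removes the randomness the estimate depends on.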

Automatically Log Out of Gmail

Always sign out immediately when you’re done using your account. Otherwise, you’re giving others free access to your account. For your home or work computer, there are several ways to automatically log out when you’re finished to better protect a Gmail account.

Protect Your Accounts

Even if you don’t think there’s anything in your Gmail or other accounts to steal, hackers don’t care. Be proactive and protect your Gmail and other accounts. For instance, set up two-factor authentication on all your social network accounts. You can also try these Google Authenticator alternatives to secure your various online accounts.

Image credit: Unsplash. All screenshots by Crystal Crowder.

Crystal Crowder - Staff Writer

Crystal Crowder has spent over 15 years working in the tech industry, first as an IT technician and then as a writer. She works to help teach others how to get the most from their devices, systems, and apps. She stays on top of the latest trends and is always finding solutions to common tech problems.