Managing your Google Account Security

Managing your Google Account Security

Every now and then we get an alert from Google to say there has been a suspicious login for a Barton account; it’s probably nothing but it does mean that you have to check that your account is safe.

It is easy to check your account security and shouldn’t take more than a couple of minutes. Start by going to this link and logging in with your Barton Peveril account – https://myaccount.google.com/security

On this page you can review any potential security issues that Google has found in your account, see when you last changed your password, review recent security events and see what apps and devices have access to your account. There isn’t a need to add a recovery phone or email address as it’s your Barton account and we can reset your password if you ever forget it.

Security issues found

On this section of the page, you will be able to review any issues that Google may have detected. If there are issues that need resolving, click on the Secure account button. You will then be able to review these issues and follow the steps provided by Google to attempt to rectify the problem. Often, these issues will be incidents such as new logins from unfamiliar devices. Please review these carefully. If you recognise the login attempt, you can select Yes, it was me and this will clear the issue from the list. If however, there is something listed which you do not recognise, this could indicate a potential breach and that someone else may have your username and password. In such an event, click on the 3 vertical dots alongside the device and select the Don’t recognise this device option. The popup will inform you that you will be signed out of all devices except the one you are currently using. You will then be asked to reset your password. If you have used this password for any other services we highly encourage you to change the password for those services as well as soon as possible.

Recent security activity

Similar to above, this section will show you all of your recent security events (new login, password changes, etc) for the past 28 days.

Again, if there is something that you do not recognise, you can select it from the list and follow the appropriate actions:

Your devices

Rather self explanatory this one – it shows a list of devices on which you are currently signed into using your Barton account. If you are no longer using a device (perhaps an old phone) you can click the 3 vertical dots shown alongside the device and choose Sign out

Third party apps with account access

This shows any third party apps which you have signed into using your Barton Gmail account. This usually occurs when you sign up to a new web service and select the “Sign in with Google” option instead of creating a new account password to remember. While this option is secure and can make signing up to third party services easier, it is important to keep track of what these third parties then have access to in regards to your personal data. If you click on one of the services, it will list what the app has access to:

It is not uncommon for a third party app to have access to make changes to your account; in the example above, Kami has access to view and manage the contents of my Google Drive. I know that Kami is an application that the college has a licence for and it works alongside Google Workspace, so it seems reasonable that it has this permission. If however, you feel that a third party has excessive rights to your Google Drive and personal data, you can remove access by clicking on the REMOVE ACCESS button.

Signing into other sites – Password Manager

Password Manager lets you save a password for a website so that the next time you visit the site, it can populate the password field for you. This has the benefit of not needing to remember, or worse – write the password down. If using Google Chrome, the Password Manager can even create a secure password for you. While all of this is convenient, there is a downside. All your saved passwords are protected by just the one set for your Google account, if this were to be compromised for some reason, it is possible that someone could then gain access to all of your other passwords. However, this is true of most password managers out there and not necessarily a shortcoming on Google’s part. 

If you click on Password Manager it will present you with a list of apps and websites that you have saved passwords for:

You can click on any of the listed passwords and, after entering your password, you will be able to Edit or Delete as required. 

There is also a useful Password Checkup feature. Click the Go to Password Checkup button and sign in if prompted. This feature checks your list of saved passwords against known compromised passwords. If it detects that you are using one of these the Password Manager will alert you to this. If this is the case, we would recommend that you change the password using the guidance provided.