Make a Strong Password
The first thing you should do is make a strong password either when you first create your Gmail account, or as part of changing it later. In general, it is a good practice to make strong passwords for every website you use on the Internet. A strong password that is 8 characters or longer, contains letters (upper and lower case), numbers, and at least one special character (!, #, ?, %) decreases the liklihood of your account being compromised through simple password guessing. Again, the same approach should be taken for any website that may contain sensitive data. Arguably, this is the most important step to secure your Google account.
Always Update Your Antivirus Program
It doesn’t matter which Antivirus program you are using, you should always update automatically and everyday. Everyday new and more powerful viruses and malware are created so we need to take all precautions we can to protect ourselves.
Regularly Update Your Account Recovery Options
It is also a very good practice to update your Google account recovery options at least twice a year. You should update it at minimum every 6 months, and if you can update it every 3. Also put your mobile phone into the account recovery options because this is probably the best recovery option that is more likely to stay consistent versus the recovery email you may select. Finally, also update your security questions to be accurate.
Update Your Operating System
You like with your AntiVirus software, you should also update your operation system like Windows, Mac OS or Linux. It helps to patch your system to not only keep it working smoothly but it also includes security updates to protect your computer from malicious attack.
One of the strongest and most secure options Google Provides to secure your account is their 2-step verification process. Here you have the option to add your mobile phone so that whenever you login into your Google account it will send a security code to your mobile phone that you type into your browser to login successfully. So even if someone knows your password they would be unable to login because they do not have your phone. This type of security is used heavily within the business world to protect their most important systems.
Use Valid Link to Login
Finally, always make sure you login from the valid Google URL. There are a number of bad guys and attackers that will try to fool you into providing your credentials into a “fake” Google site. They may look exactly the same, so verify that the URL in your browser is a valid google.com (or other Country extension) domain before logging in.