Illustration: Andy Wolber/TechRepublic

Whenever a reckoner is out of your direct view and control, there's always a take chances that someone other than you tin can gain access. A person who returns from a trip might wonder if their computer and accounts have been accessed during their absence. A person might notice odd activity in Gmail, not aware that their password has been fabricated public (or "pwned"). Or, in some cases, a person might be surveilled by a partner, a family fellow member, a colleague, or even an unknown party.

To secure an account, you might get-go change your password, enable ii-cistron hallmark, or even enroll in Google'southward Advanced Protection Program. Those steps will help y'all secure your account. However, in cases where people are dangerous because of domestic abuse, these steps volition likely non exist encouraged by an abuser–assist is bachelor.

The post-obit steps can help you figure out if someone, other than you lot, is accessing your Gmail or Google account.

Run across: Google Sheets: Tips and tricks (TechRepublic download)

Did someone access my Gmail business relationship?

In a desktop web browser, Gmail allows you to review contempo e-mail admission action. Select Details in the lower-correct area below displayed emails, beneath Last Account Action (Figure A).

Figure A

If your Gmail account has been accessed in other locations or on other devices, y'all may brandish recent action while signed in to Gmail from a desktop-form web browser.

The arrangement will show y'all information about the most recent 10 times your Gmail account has been accessed, forth with the access type (browser, POP, mobile, etc.), location (IP accost), and the date and time of access. This tin can aid you identify if any of this admission is from an unexpected device, place, or time.

Note: If you apply a virtual private network or a hosted desktop, the location information may reverberate data related to your service provider, instead of your physical address.

In a few cases, I've had clients concerned about admission in an expected location, but at an unexpected time. Sometimes, this was just considering they'd left a computer on, with their browser or mail service client open: The system could be configured to car-bank check mail service periodically. In one example, access occurred after a power outage. They'd configure the system to automatically power on after an outage, so information technology signed in and downloaded new mail shortly afterward power was restored.

Did someone access my browser?

In the Chrome browser–and on whatsoever Chromebook or Chrome OS device–press Ctrl+H to display browser history. Alternatively, type chrome://history in the omnibox, or select the iii-vertical dot carte du jour in the upper-right, then choose History | History. On macOS, printing Command+Y. You may scroll through all available sites visited. Review these to see if whatever sites displayed are unexpected.

Additionally, you may enter search terms in the box displayed above the historical URLs listed. For example, search for "sign in," or copy and paste this link into your browser omnibox: chrome://history/?q=sign%20in to display most site login pages (Figure B). Again, review the results for any sites you don't expect. You might search for "gmail.com" as well.

Figure B

Utilize Ctrl+H (or on macOS, Command+Y) to display your browser history. Y'all as well may search history for terms, such as "login" or "sign in," as shown.

Did someone access my Google account?

Go to https://myactivity.google.com/ to access your Google account history across all devices and Google services, such equally YouTube, Google Maps, Google Play, and more (Figure C). Depending on your security settings, yous may need to re-authenticate when yous attempt to admission this information. Again, review any recorded information to make sure it corresponds with your usage.

Figure C

The My Google Activeness page displays any recorded access of web sites, apps, location, and YouTube.

Similarly, go to https://myaccount.google.com/device-activity to review a listing of devices to which yous've signed in with your Google account (Figure D). You may select the 3-vertical dots in the upper-right of any displayed devices, and then choose Sign Out to preclude any time to come access without re-authentication on a device.

Figure D

You also may review the devices Where You're Signed In to your Google account. Select the 3-dot carte du jour in the upper-right corner of the box for each device to Sign Out of any device.

Get through Google'south Security Checkup (https://myaccount.google.com/security-checkup) for a step-by-stride review of every item Google's organisation identifies as a potential security issue (Figure Due east).

Figure Eastward

Google's Security Checkup helps you lot review the security of your account, step-by-step.

Utilise Google Workspace (formerly G Suite)? Ask an administrator for help.

If you lot use Gmail and Google Workspace as office of an organization (eastward.chiliad., work or school), an administrator may be able to do additional review of your business relationship access data. To do this, the administrator will need to sign in to the admin console at https://admin.google.com. From the Admin console, they might go to https://admin.google.com/ac/, select your account, then review security settings likewise as continued apps and devices. Next, they might review all login data by going to the login report at https://admin.google.com/ac/reporting/audit/login, then filtering for your account (Figure F). Since this information is centrally logged by the system, access records will remain, even if the person accessing your account attempts to cover their tracks (east.grand., by locally deleting browser history).

Figure F

For organizational accounts, a Google Workspace administrator may review account settings (e.1000., security, apps, and devices) and inspect logs (due east.g., account sign ins), as displayed in these two alternating screenshots.

What's your feel?

If you've wondered whether someone else has accessed your Google account, what steps have you taken? What did you acquire when y'all completed the above access review of your Google account? Let me know any additional steps you advise, either in the comments below or on Twitter (@awolber).