Message from Google Saying Someone Signed into My Gmail Account

Just received an e-mail supposedly from Google alerting me that someone has signed into my gmail account with my password.

Is this real?

Thank you

Possibly. When I sign in from a new device, I get an alert. Is there a key icon on the message?

Either way, change your password right away.

I get those sometimes if I log in somewhere other than my usual spots: laptop, phone, home PC.

Yes, they are real. But if you didn't sign on then you should change your password ASAP - and not through any links.

TarheelsInNj said:
Yes, they are real. But if you didn't sign on then you should change your password ASAP - and not through any links.

This. This happened to me about 2 years ago. Someone actually did get into my account and changed my password and Google let them! After the fact Google advised me. They had to shut down my account and give me a new one with all new credentials.

.... which is a good reason to add your mobile number to your account. You can reclaim your account via text.

This MIGHT be real. If it provides a link to check, it's probably fake, and the page at that link will reap your password. Don't click on a link. Just go to gmail yourself. Change your password just for good measure. Even smarter would be to enable two-step authentication. That makes it very hard for someone to log in as you even if he has your password. But it takes extra effort to use. I think it's worth it, but some can't be bothered. Two-step authentication combines the password you choose with a password (really a number) of the minute. The number changes each minute. You can set up an app on your phone to generate the number of the minute. Or you can have them text it to you. Or you can print out a sheet of numbers and keep it in your wallet; in that case, you cross off the top one and use the next one next time.

I use the 2-step verification. I think it's worth the extra 5-20 seconds it takes to get the verification code from Google. I'm pretty confident nobody can log into my account without access to my phone.

You can look at your account settings in Google and it will give you a listing of devices and locations where you have been logged in. The one disconcerting thing was that my history showed I was logged in in Passaic. But it showed my laptop ID, so I am assuming it has to do with the location of the Fios server.

Look under "Sign-in and Security" for the "Device activity and notifications" selection.

I've had people get these alerts after turning on devices that had been set up and not used for a long time (like an old iPad, or old iPhone, etc.) Unless you can relatively quickly match up the alert to some explanation I'd just change your password.

mrincredible said:
I use the 2-step verification. I think it's worth the extra 5-20 seconds it takes to get the verification code from Google. I'm pretty confident nobody can log into my account without access to my phone.
You can look at your account settings in Google and it will give you a listing of devices and locations where you have been logged in. The one disconcerting thing was that my history showed I was logged in in Passaic. But it showed my laptop ID, so I am assuming it has to do with the location of the Fios server.
Look under "Sign-in and Security" for the "Device activity and notifications" selection.

I often seem to be logged in from Clifton or Bridgewater even while I am home in Maplewood.

Thank you. I reset my password. I enabled 2 step verification but I'm already annoyed by it and have since turned it off.

The message I received from Google indicated that somebody had my password and had tried to log in from Croatia.

If you are like me you use the same or similar passwords for multiple accounts (I understand this is not advisable, but I think in reality many of is do this). I recommend you change all of your passwords since someone maybbe targeting more than just your Google email.