How To View Gmail Login History
If you are using Gmail, Google’s free and hugely popular webmail client (more than 1.5 billion users, accounting for 20% of the world’s email traffic), then you probably only look at your email login history when you are informed of suspicious activity on your account. Any time you use a new device (like a new smartphone or tablet, or a shared computer somewhere) to log into your Gmail account, Google sends an alert to the device or account you’ve specified for such security notifications. Usually we say “yes, that was me, OBVIOUSLY” and try to go about our business, but sometimes, when the alert comes at a time when we haven’t been using our Gmail, we dig into the security logs to see what’s going on.
Those alerts, you see, only provide one data point – one login date, one browser, one location. But what if your email has been compromised, and it isn’t a one-time situation but rather something that’s been going on for a while? What if someone’s been monitoring your email activity or sending out malicious emails in your name? In this article, I will show you how to do a comprehensive and effective review of your Gmail login history, so that you can detect if there has been a pattern of use by an unauthorized user.
Getting to the Bottom of the Problem
In order to detect unauthorized users, you need to know who the authorized users are. More specifically, Gmail doesn’t really track users, it tracks sessions, and those sessions are identified by the device, the browser software, and the IP address used for access. Accordingly, you will need to know which devices you’ve used to access your Gmail account, the IP addresses from which you’ve accessed it, the browsers you used to do it, and the exact dates when you logged on to check your email.
The second step is to check your login history in order to figure out when and where someone else used your account. By doing this, you will be able to flag unauthorized access points and prevent them from happening again.
Gmail Login History Check
If you want to see your Gmail login history, you have to log in to your account first. From the bottom right of your dashboard, click on the Details button. This should open up a new tab with your account activity information.
The tables you see list the browser used, the IP address, the country of origin, and the date and time of the login. From this new tab, you can choose to sign out of all active web sessions if you notice any foreign activity.
You can also check for other details regarding each login by clicking on the Show Details link next to the browser tag.
Another way to view your login history is to visit the Recent Security Events page. There you can see any new logins from unauthorized locations and flag them.
You should also know that if you use another device, such as an iPhone with a 3G network, the address will be different from that of your home or office computer. Once you know both those addresses, you should immediately be able to tell which logins were not authorized. (See our related article on telling whether someone else is using your Gmail account.)
Beware the VPN
You may immediately spot a rash of suspicious logins and exclaim “wait a minute, I never logged in from Pocatello, Idaho! I’ve never even been to Idaho!”
Before you decide that you were hacked, check to see if you’ve been using a virtual private network (VPN) package to cover your web browsing tracks. VPNs will usually spoof the IP tracing mechanisms of the Internet to make your computer appear to be somewhere (and someone) else; if you’ve had a VPN running, it may be a little tricky for you to make heads or tails of your session logs.
This is not an argument for not running a VPN, by the way; VPNs definitely add a layer of security to your online sessions. However, be aware that they can complicate efforts to interpret slogs.
Why It’s Important to Check Your Gmail Login History
By the very nature of being a cloud-based email service, Google can’t just automatically block unauthorized IP addresses and devices from logging in to an account. They’d be blocking their legitimate users every time those users changed phones or used a different machine. The only steps they can take are the ones they do take, by flagging potentially suspicious events like mystery logins for your attention.
Most of us don’t change our passwords on a regular basis, if at all, so doing a login history checkup every once in a while is a good way to catch any shenanigans going on with your email. It doesn’t take very long, and better safe than sorry. Besides, even if you change your password regularly, you can’t always know if someone has a keylogger on your computer or some other way of finding out your password. If you find authorized legitimate logins, but from times and dates when you knew you weren’t in Gmail, then perhaps someone has physical access to your machine and is taking advantage.
The best way to keep your Gmail account safe is to regularly check your login history and report devices that shouldn’t have access to the account. The good news is that any new access point is flagged by Gmail. You should receive a notification email almost instantly so that you can take quick action.
Other Security Steps
There are other proactive steps that you can take to increase the security of your Gmail account.
One step is to set up a recovery email and phone number if you haven’t already, an email and a phone number that you know aren’t compromised, so that if worst comes to worst you can take back control of any hacked account. This is simple and easy to do; Google will walk you through the process.
Another step is to set up two-step verification on your account. Two-step verification adds another step to the login process. Besides your username and password, you can either have a physical device that you insert into the machine you’re using to validate that it’s you, or you can have Google call you or text you with an authorization code, or you can have Google send a prompt directly to your physical phone of record to verify that it’s you. These steps can be a little bit annoying if you log in frequently, but they make it virtually impossible for someone to hack into your Gmail account without having physically compromised your systems. To set up two-step verification:
- Go to your Google Account.
- On the left navigation panel, click Security.
- On the Signing in to Google panel, click 2-Step Verification.
- Click Get started.
- Follow the steps on the screen.
Do you have any other tips or suggestions to improve Gmail security? Share them with our community in the comments section below!
Want more information about using Gmail? TechJunkie has the data you need! Check out our review of the best clients for Gmail, our tutorial on how to delete your Gmail messages from your iPhone, and our explanation of how to get notifications from Gmail on your desktop. We’ll also show you how to export your Gmail messages as text files, how to use search operators and wildcards in Gmail, and how to export all your Gmail contacts.