Skip to main content

Google sign-in page now requires JavaScript to run risk assessment, adds new ‘Secure your account’

Avatar for Abner Li  | Oct 31 2018 - 3:25 pm PT
0 Comments

October is Cybersecurity Awareness Month and Google is announcing a slew of new features related to the sign-in process and account usage. New Google Account security protections include requiring JavaScript to be enabled when logging in and removing harmful apps during Security Checkup with Play Protect.

On the Account login page, Google runs a risk assessment that only allows the “sign-in if nothing looks suspicious.” This analysis to protect against phishing requires that JavaScript be enabled, with Google noting that only .1% of users have it disabled. If that is the case, you will be prompted to enable it before signing in.

Chances are, JavaScript is already enabled in your browser; it helps power lots of the websites people use everyday. But, because it may save bandwidth or help pages load more quickly, a tiny minority of our users (0.1%) choose to keep it off. This might make sense if you are reading static content, but we recommend that you keep Javascript on while signing into your Google Account so we can better protect you

Once users are signed in, the Security Checkup feature now takes into account nefarious applications installed on Android devices, with Google Play Protect leveraged. You might be prompted to uninstall any harmful apps found on your phone, while Google recently beginning to recommend that users removed unused, but logged in devices.

Google is working to better notify users when any data is shared from your Account. Rolling out in the coming weeks, this notification was previously limited to when sensitive Gmail or Google Contacts data was granted to third-party services.

Lastly, Google will help compromised accounts with a new step-by-step “Secure your account” walk-through. It will automatically be triggered if potentially unauthorized activity is detected and works to verify critical settings, files, and check financial activity

  • Verify critical security settings to help ensure your account isn’t vulnerable to additional attacks and that someone can’t access it via other means, like a recovery phone number or email address.
  • Secure your other accounts because your Google Account might be a gateway to accounts on other services and a hijacking can leave those vulnerable as well.
  • Check financial activity to see if any payment methods connected to your account, like a credit card or Google Pay, were abused.
  • Review content and files to see if any of your Gmail or Drive data was accessed or mis-used.

Check out 9to5Google on YouTube for more news:

Add 9to5Google to your Google News feed. 

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Google — experts who break news about Google and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Google on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Check out 9to5Google on YouTube for more news:

Comments

Guides

Google Account

Google Account

Author

Avatar for Abner Li Abner Li

Editor-in-chief. Interested in the minutiae of Google and Alphabet. Tips/talk: abner@9to5g.com