Updated: November 8, 2010
Lack of knowledge begets fear. Most people using email are not that much computer literate. So they spend a disproportionately large amount of energy, time, money, and effort hunting for the ultimate formula that will automagically protect their email. One of the most common questions a typical user may ask is: is someone else reading my mail?
To know that, you might need to be a hacker, supposedly run all kinds of security tools that monitor this and that, setup traps for potential stalkers, ex-wife and whatnot, or you could be using Gmail. Rather than letting users fiddle with stuff they do not know, re: mail privacy and security, the Google geeks have done something very simple - they took control of that stuff for you. Neat, isn't it?
What I'm talking about? Well, it's called Last account activity and it's a servers-side function only. In other words, it runs on Google servers and no one can tamper with that information. You get a completely accurate, unbiased and professional report about the mail activity for your account. So if you're wondering if someone is reading your perv mails about your secret affair with the flight attendant you met last year, now you will know. Let me show you.
You will notice a seemingly inconspicuous little entry called Last account activity. The line will display the last login to your account and the IP address you used at the time. If you click the Details link to the right, you can expand the report and see a lot more.
Clicking on Details brings up a window called Activity Information. This is a very simple to use account activity report, which lets you look for any problems, discrepancies or suspicious logins, which might indicate that someone else is using account, either because you have used a very simple, weak, easy-to-guess password, because you may be running some sort of malware on your machine, or because you let other peoples share the account.
The table provides a detailed report on the last ten logins, including the access type, like browser, mail client, mobile, etc, the IP address and the location (country) where the login was granted and the local timezone date.
You can scan the list of entries and look for suspicious activity, like logins from countries where you know for sure you have not been at that particular date or from IP addresses that do not belong to you.
Moreover, you can force a logout from all open sessions using the Sign out all other sessions button, which could help you regain control of your account, if it has been compromised.
Furthermore, you can change the way Gmail alerts you for unusual activities with your account. You can click change in the bottom of the Activity Information window to display more information and possibly change the settings.
You can setup your account to alert (or not) on suspicious activities. The default behavior is to alert, which means that even less knowledgeable users will be informed if Google algorithms determine that their account has been used improperly.
And that's it.
Personally, I think this feature is far more important than any anti-spam, anti-malware, anti-whatever client-side software you may consider using. It shows that Google folks take things seriously and do not want their assets to be misused, for whatever reasons. As a customer, you enjoy from a serious, powerful security solution. While it may be reactive, it's still superior to anything you may run on your computer. It should definitely help minimize and contain damage, if a breach happens.
There are many other security features present, including the file attachment policies, but we will discuss these separately. At the moment, you can rest assured that if someone does hack into your account, you will have a chance to recover quickly.
A few weeks ago, I've written about Hotmail attempts to best Google with titanic file attachments. I'll choose account activity reports any time. That would be all, me hearties.