原始来源:http://www.chinagfw.org/2010/10/gmail_08.html

编辑说明:想确定你的Gmail是否安全?请访问:http://mail.google.com/support/bin/static.py?page=checklist.cs&tab=29488

Gmail的支持页面里更新了一篇安全清单,通过以下5个方法即可知道自己的Gmail是否有安全隐患。敏感词人士必读:

  1. 在这里查看授权获取Google帐户数据的网站。我自认为自己的安全功夫做的很到家,但在这里依然发现了1个奇怪的网站获得了Google帐户的访问权,赶紧ban掉
  2. 检查你浏览器的插件、扩展和第三方应用是否需要访问你的Google帐户。比如你安装了一个可检查Gmail新邮件的扩展,那么Google是无法控制这个扩展的安全性的,如果你安装了并不知名的扩展,需要小心了
  3. 查看邮件设置,以确保你的Gmail邮件没有被转发出去,有四个地方的设置会有安全隐患:
    • 常规:检查签名、外出回复
    • 帐户:检查'用这个地址发送邮件'、
    • 过滤器:检查是否有过滤器将你的邮件转发到垃圾箱、垃圾邮件,或是转发到其它邮箱里
    • 转发和POP/IMAP:查看这里是否有位置的帐户或邮件客户端
  4. 检查帐户最近的可疑活动。点击Gmail最下面的'上次帐户活动时间'后的'详细信息'链接,看看是否有可疑的IP访问了你的Gmail
  5. 进入设置的'常规'里,将'浏览器连接'设置为'始终使用 https',以确保当你使用咖啡厅或酒店的公众网络访问邮箱时不会泄露信息。

原文:
Gmail's support site has a security checklist
that's useful if you want to make sure that your Gmail account is
secure. There are some obvious tips like updating your operating system
and your browser, but Google also posted some advanced tricks:

1. 'Check the list of websites that are authorized to access your Google Account data.
Make sure that the list of authorized websites are accurate and ones
that you have chosen. If your Google Account has been compromised
recently, it's possible that the bad guys could have authorized their
own websites to access your account data.' To edit the list of
authorized websites, go to this page.

2. 'Check
your browser for plug-ins, extensions, and third-party programs/tools
that require access to your Google Account credentials.
Plug-ins
and extensions are downloadable computer programs that work with your
browser to perform specific tasks. For example, you may have downloaded a
plug-in or extension that checks your Gmail inbox for new messages.
Google can't guarantee the security of these third party services. If
those services are compromised, so is your Gmail password.'

3.
'Confirm the accuracy of your mail settings to ensure that your mail
stays and goes where you want it to. Sign in to your account and click
on the Settings link at the top to check the following tabs:

* General: Check Signature, Vacation Responder, and/or canned responses for spammy content
* Accounts: Verify your Send Mail As, Get mail from other accounts, and Grant access to your account are all accurate.
* Filters: Check that no filters are sending your mail to Trash, Spam, or forwarding to an unknown account.
* Forwarding and POP/IMAP: Ensure your mail isn't sent to an unknown account or mail client.'

4. 'Check for any strange recent activity on your account.
Click the Details link next to the 'Last Account Activity' entry at the
bottom of your account to see the time, date, IP address and the
associated location of recent access to your account.'

5. 'Use a secure connection to sign in.
In your Gmail settings, select 'Always use HTTPS.' This setting
protects your information from being stolen when you're signing in to
Gmail on a public wireless network, like at a cafe or hotel.'