After years of testing, Gmail has finally added a very useful security feature:
tracking open sessions. If you log in to Gmail from more than one computer and you forget to sign out, you'll be able to see the list of locations where your account can still be accessed.
Until now, the only solution when you forgot to log out from Gmail after using a public computer was to change your password. Otherwise, anyone could access your account without knowing the password. Now you can sign out remotely from all the locations where your Gmail account is still open.
If you click on "Details" in Gmail's footer, you'll find a lot of interesting information about your sessions. "The top table, under
Concurrent session information, indicates all open sessions, along with IP address and access type -- which refers to how email was retrieved, for example, through iGoogle, POP3 or a mobile phone. The bottom table, under
Recent activity, contains my most recent history along with times of access. I can also view my current IP address at the very bottom of this window, where it says
This computer is using IP address...".
This could be useful if you want to find whether someone else has access to your account: you'll be able to find the IP address and the date of the most recent activity in your account.
Gmail's blog mentions that this feature is currently being rolled out in
the new version of Gmail, so you may not see it right now. Google AdSense, PayPal and orkut are three other services that show the time of your last login so you can protect against abuse, but Gmail's new feature is much more advanced.
Among the things you can do to
protect your Gmail account, it's a good idea to sign out after reading your email, not to select "remember me" when you log in from a public computer and to choose
a good password that should remain secret.
Labels: Gmail, Security
Taher said on July 7, 2008 3:49 PM PDT:
Google's excellent care of USERS, COMMENDABLE !
KenBW2 said on July 7, 2008 5:51 PM PDT:
Only available in the new GMail? What about us Opera users?
dualsub said on July 7, 2008 7:13 PM PDT:
You Opera guys crack me up. Less than 1% market share.
Nick said on July 7, 2008 7:18 PM PDT:
doesn't work on my gmail...no details at the bottom of the screen
Jyvyn said on July 7, 2008 7:19 PM PDT:
I'm still signed onto my Grandma's computer after I installed the Gtalk client onto her computer. Any chance that I will be able to log off from Gtalk on her computer?
said on July 7, 2008 7:53 PM PDT:
A really simple but innovative feature for enhanced security and control for users
BoR|S said on July 7, 2008 9:44 PM PDT:
I wonder when google apps users will have the chance to enjoy this new feature?
kunal said on July 7, 2008 11:30 PM PDT:
It is a great security feature...
but doesn't work on my gmail...no details link in footer...any idea when this feature will be available...
manu said on July 7, 2008 11:33 PM PDT:
How long is google storing that kind of information?
@KenBW2:
Until Google stops using browser sniffing to prevent Opera from loading the new Gmail, bookmark this URL:
http://mail.google.com/mail/?ui=2&nobrowsercheck=1(nobrowsercheck=1 skips browser detection)
@Nick who said:
<< doesn't work on my gmail...no details at the bottom of the screen >>
I only see the new feature in one of my Gmail accounts, so we should wait a couple of days until all the accounts have it.
imma said on July 8, 2008 1:54 AM PDT:
oh, is it a linkable page or do we actually have to wait? :)
said on July 8, 2008 3:12 AM PDT:
How come I don't see this option on the bottom of my inbox as described? Do you have to do something special to turn this feature on?
tnetech said on July 8, 2008 3:13 AM PDT:
Having a GMail account is great (besides from the fact that GMaail means Google Mail), you can access your emails from any pc with an internet connection. In addition you never have to delete or backup your emails. That's brilliant and the truth be told I would not want to be without it. Even though all my emails are indexed and held on the Google servers forever - if your got nothing to hide what does it matter!
Anyway this is a useful little tool to see if your account has become compromise any way.
http://tnetech.net
imma said on July 8, 2008 3:38 AM PDT:
@tnetech, re : "if your got nothing to hide what does it matter!"
see http://writ.news.findlaw.com/dean/20071019.html
Personally i trust google quite a bit with my data, but it is always your choise who you share data with, just once you have then they might pass that on.
People should not *have* to trust *anyone*
- imma
ps: sorry if i'm overreacting here :-(
Dargari said on July 8, 2008 3:54 AM PDT:
Finally Google implements this. Thanks
said on July 8, 2008 4:09 AM PDT:
Opera LOL
DBC said on July 8, 2008 7:48 AM PDT:
How does this work with the legacy survivors of the Gmail bug?
My email address some.guy@gmail.com is shared by someguy@gmail.com -- which is a bug they fixed 2 years ago but really didn't mitigate any of the current users with the problem.
Do I see someguy@gmail.com's accesses?
Of course... lower class citizens are not so lucky...
wen u checked my account it showed me one of my sessions which was 2 days old...
i guess any session lasts 4 about 30 mins... so even if i didnt sign out, how can my 2-day old session be dangerous?
Hunnter said on July 9, 2008 2:46 PM PDT:
This is just simply fantastic!
I am so glad they decided to add this into Gmail, losing an e-mail account or having someone sneakily read your e-mails can be incredibly bad, and very annoying.
said on July 10, 2008 12:25 AM PDT:
Note: PayPal is, contrary to this post, not a Google product. Google Checkout is the cleaner, Googley counterpart.
@Anonymous:
I didn't say that PayPal is a Google product.
said on July 10, 2008 4:22 AM PDT:
I'm using Gmail under Google Apps and now I see the new feature. However, it's not showing the logins I make to the account from the mobile Gmail client on my N95.
Simon said on July 11, 2008 1:13 AM PDT:
Simple, logical, now give me folders on gmail! :P
whatnwhen said on July 11, 2008 10:06 PM PDT:
very good feature....
This is great, but it would be even better if there was an option to log out all other sessions when signed in from multiple locations. For example, in the past I have forgotten to sign out of gmail from the work computer. It would be so helpful if I could log in from home (or another location) and log myself out of the other session (the one I forgot to log myself out of). I know AOL Instant Messenger (AIM) has this feature - or at least it did when I used to use it.
@Noshaba:
That's exactly what you can do with the new feature: remotely log out from all the open sessions.
Thanks! I was actually just informed of the same thing by a friend. Must have overlooked it - my mistake :). I should not underestimate Google.
Specifically about remote sign outs: http://gmailblog.blogspot.com/2008/07/remote-sign-out-and-info-to-help-you.html
asfoory said on July 24, 2008 6:57 AM PDT:
thank u 4 this post.
I found it very useful to me.
I also want u 2 excuse me to use this on my blog .. I'll surely mention ur post
Pratim said on August 10, 2008 11:52 PM PDT:
hey guys...i dont think the times shown in the table for the previous login are correct in any respect...this is very misleading...
Pratim said on August 11, 2008 12:13 AM PDT:
Something must be done to know who is logging into my account.this may be implimented by say,if the account access IP of my account and somebody else's account is same at the same time,den it is quite probable dat he is d culprit...
GOOGLE find some efficient ways for it...
krishna said on February 4, 2009 9:24 PM PDT:
how to find IP address who is trying to log on to my account by giving different password but correct user id.
Adam said on April 1, 2009 2:23 PM PDT:
I knew gmail was the best.
