Google has already confirmed that it is to start deleting, although purging might be a better term, certain personal Google accounts from December 1. This purge will include pretty much all the content you can think of: Gmail messages, Google Photos libraries, Google Calendar appointments, and Google Docs archives are all impacted.
Here’s everything you need to know ahead of the December deadline.
Google Content Deletion Countdown Clock Is Ticking
If news of this move to delete inactive Google accounts comes as a complete surprise to you, the fault cannot be laid at Google’s door. Back in July, Google sent emails warning that these account deletions would start in December. Those emails stated that any account that is considered to be inactive will receive “several reminder emails” before any action is taken. Now you may think you’ve spotted a flaw in the logic here, as an email to an account that isn’t currently active won’t be read, but Google has that covered. Notification emails will also be sent to any recovery email address on record. The first accounts to be targeted, in December, will be those that were created but never actually used again since.
Are Your Gmail And Photos At Risk?
With more than 1.8 billion Gmail users, rising to 2 billion as far as Google Photos users are concerned, will your account be among the unconfirmed number to be affected? The good news is that, statistically speaking, it’s unlikely. That’s because this purge, undertaken for security reasons according to Google, only applies to inactive personal accounts. More specifically, users who have not signed into their Google accounts for at least two years. If you’ve read or sent an email using Gmail, stored something in Google Drive, downloaded an app from the Google Play Store, added a photo to Google Photos, or even performed a Google search while logged into your Google account, your precious content is safe. Google business accounts are not affected.
MORE FROM FORBESChatGPT Down As Anonymous Sudan Hackers Claim ResponsibilityBy Davey Winder
Inactive Accounts Are A Compromise Waiting To Happen
Ruth Kricheli, a vice president of product management at Google, went on the record in May to explain the inactive account policy update. “If an account hasn’t been used for an extended period of time, it is more likely to be compromised,” Kricheli said. The reasoning is that accounts that remain unused for a long time will not have undergone regular security checks, will likely not have two-factor authentication activated, and could be using insecure passwords. “Our internal analysis shows abandoned accounts are at least 10x less likely than active accounts to have 2-step verification set up,” Kricheli said. Because, statistically speaking, these dormant accounts are more vulnerable than others, the risk of compromise is increased. A compromised Google account is like winning the lottery as far as threat actors are concerned, providing access to email messages and documents that can be used to reset account passwords, steal identities, and act as a launchpad for malicious activity in general.
MORE FROM FORBESHas Your iPhone Been Hacked? New Attack Mode Can Crash iOS 17 DevicesBy Davey Winder
What You Need To Do To Protect Your Gmail And Google Photos Content From Deletion
As I reported back in July, in order to protect your Gmail account, your Google Photos content, and anything else linked to your Google Account, most people will need to do precisely nothing. If you only have one Google account, and you’ve signed into it in any way across the last two years, you are safe. If, on the other hand, you have multiple accounts, now is the time to go check and sign into them. Ensure you do this at least once every 24 months and your account, and the content behind it, will also be safe from deletion. If you can’t remember your account details, all is not lost. Use the Google account recovery process which requires a recovery email or telephone number. Use known addresses and numbers and the chances are you’ll be OK. You’ll get a verification code sent by email or SMS, and then when you try to log in with an incorrect password you’ll get the opportunity to reset the password via the forgotten password route. Again, a code will be sent to you for verification.
Get the best of Forbes to your inbox with the latest insights from experts across the globe.
Follow me on Twitter or LinkedIn. Check out my website or some of my other work here.
Davey is a four-decade veteran technology journalist and contributing editor at PC Pro magazine, a position he has held since the first issue was published in 1994.
New: You can now follow me on Mastodon as well as Twitter
A co-founder of the Forbes Straight Talking Cyber video project, which won the ‘Most Educational Content’ category at the 2021 European Cybersecurity Blogger Awards, Davey has spent the last 30 years as a freelance technology journalist. The author of 25 published books, Davey’s work has appeared in The Times, The Sunday Times, The Guardian, The Observer, The Register, Infosecurity Magazine, SC Magazine, IT Pro and Digital Health News to name but a few.
Davey has picked up many awards from his peers across the decades, most recently the Security Serious ‘Cyber Writer of the Year’ title in 2020. Before then, he has been a three-time winner of the BT Security Journalist of the Year award (2006, 2008, 2010) and was named BT Technology Journalist of the Year in 1996 for a forward-looking feature in PC Pro Magazine called ‘Threats to the Internet.’ In 2011 Davey was honored with the Enigma Award for a lifetime contribution to IT security journalism.
Contact Davey in confidence by email at [email protected], or Twitter DM, if you have a story relating to cybersecurity, hacking, privacy or espionage (the more technical the better) to reveal or research to share.
Read MoreRead Less