Gmail account security in Iran

Thursday, September 8, 2011 5:49 PM

We learned last week that the compromise of a Dutch company involved with verifying the authenticity of websites could have put the Internet communications of many Iranians at risk, including their Gmail. While Google’s internal systems were not compromised, we are directly contacting possibly affected users and providing similar information below because our top priority is to protect the privacy and security of our users.

While users of the Chrome browser were protected from this threat, we advise all users in Iran to take concrete steps to secure their accounts:
  1. Change your password. You may have already been asked to change your password when you signed in to your Google Account. If not, you can change it here.
  2. Verify your account recovery options. Secondary email addresses, phone numbers, and other information can help you regain access to your account if you lose your password. Check to be sure your recovery options are correct and up to date here.
  3. Check the websites and applications that are allowed to access your account, and revoke any that are unfamiliar here.
  4. Check your Gmail settings for suspicious forwarding addresses or delegated accounts.
  5. Pay careful attention to warnings that appear in your web browser and don’t click past them.
For more ways to secure your account, you can visit If you believe your account has been compromised, you can start the recovery process here.
The comments you read here belong only to the person who posted them. We do, however, reserve the right to remove off-topic comments.


Qobad said...

I suggest that all user use Chrome

ekse said...

Could you give some details on how Chrome users were protected from this attack ?

007 said...

Why Google don't become a Certificate Authority himself ?

Wolf said...

What makes Chrome more secure than say Firefox run in a sandbox?

Answer is: nothing.

Any program run in a sandbox is secure, because when you close the browser whatever is downloaded without your approval is gone forever. So this post is nonsense.
Sandbox plus secure updated firewall, plus updated A-V: as long as it is not Symantic or McAfee, plus active scanning enabled plus a secure browser: not Internet Explorer, plus turning off remember passwords and such will make your internet experience more safe and secure.

Unknown said...

Kudos for including more stringent certificate verification for crucial sites. Perhaps automated reporting as a next step?

Van Hire London said...

This is very important information. Gmail account security is must. Everyone is having their personal accounts & having any type of personal information in it. These tips are useful & if there is any threat for security of accounts then everyone must follow these. Thanks for your valueable contribution.