Security best practices for lost Chromebook
March 8, 2016 9:37 PM Subscribe
I lost a Chromebook that I was signed into with my main Google account. What steps, if any, should I take to ensure that nobody gains access to my account or data?
I hadn't used the Chromebook in at least 6 months, and the main reason for the question is that I simply don't remember what someone is able to do without entering a password/re-authenticating with Google's servers.
I changed my password (several times) since last using the Chromebook. This 2012 article makes it sound like although whoever finds it will potentially be able to access my data (if I have any data saved locally -- don't remember whether this happens automatically for Gmail etc. -- and if I don't require a password when the computer is woken up, which I also don't remember), but the range of what they are able to do would be restricted.
Any advice would be appreciated.
I hadn't used the Chromebook in at least 6 months, and the main reason for the question is that I simply don't remember what someone is able to do without entering a password/re-authenticating with Google's servers.
I changed my password (several times) since last using the Chromebook. This 2012 article makes it sound like although whoever finds it will potentially be able to access my data (if I have any data saved locally -- don't remember whether this happens automatically for Gmail etc. -- and if I don't require a password when the computer is woken up, which I also don't remember), but the range of what they are able to do would be restricted.
Any advice would be appreciated.
Sorry, that only seems to work if you have a Google "Work" account. Maybe try this? https://security.google.com/settings/security/activity?pli=1
posted by My Dad at 9:42 PM on March 8, 2016
posted by My Dad at 9:42 PM on March 8, 2016
If you go to your gmail account in a web browser, on the bottom right of the page, there is a link to last account activity and details. Click on details and then click on log out of all other sessions. Since you changed your password (several times) this should keep them out of logging into your account. I would also enable two step authentication.
I do not know what can be accessed that is saved locally, but generally, on my chromebook, I save locally only when I download an attachment from Gmail, but that takes some effort as the default appears to be to save to Drive (Google cloud service).
posted by AugustWest at 9:53 PM on March 8, 2016
I do not know what can be accessed that is saved locally, but generally, on my chromebook, I save locally only when I download an attachment from Gmail, but that takes some effort as the default appears to be to save to Drive (Google cloud service).
posted by AugustWest at 9:53 PM on March 8, 2016
If its battery ran all the way down, it would require a password to log into your account at boot - as far as I know, while you could have disabled requiring a password to take it out of sleep mode, there's no way to disable needing the password while starting up.
Other than changing the password (which you've done) and possibly turning on 2 factor auth, I don't think there's anything else you can do. If they were able to get into the system, someone could have looked at local files, but anything like accessing gmail or looking at saved passwords should have required entering your password.
Unless you are very interesting to a state level actor like the NSA, the chances of someone being interested and able to get into your Google account is slim. They could have possibly accessed other sites that you had saved passwords for. Most people that find/steal devices and don't try to return them are more interested in wiping the device than trying to do malicious things with the existing data. Unless you've been getting mysterious account reset e-mail messages or something that makes you think someone is doing something with it, I wouldn't worry too much about it. If you have, you need to go through all of the saved passwords in your Google account (the ones that Chrome saves) and change them all.
posted by Candleman at 8:04 AM on March 9, 2016
Other than changing the password (which you've done) and possibly turning on 2 factor auth, I don't think there's anything else you can do. If they were able to get into the system, someone could have looked at local files, but anything like accessing gmail or looking at saved passwords should have required entering your password.
Unless you are very interesting to a state level actor like the NSA, the chances of someone being interested and able to get into your Google account is slim. They could have possibly accessed other sites that you had saved passwords for. Most people that find/steal devices and don't try to return them are more interested in wiping the device than trying to do malicious things with the existing data. Unless you've been getting mysterious account reset e-mail messages or something that makes you think someone is doing something with it, I wouldn't worry too much about it. If you have, you need to go through all of the saved passwords in your Google account (the ones that Chrome saves) and change them all.
posted by Candleman at 8:04 AM on March 9, 2016
This thread is closed to new comments.
posted by My Dad at 9:39 PM on March 8, 2016