Arizona State University (ASU) provides its students with access to Gmail through the ASU-branded Gmail system. While the platform offers convenience and powerful tools to help students with communication and organization, it is essential to take personal cybersecurity seriously. In today’s world of growing cyber threats, students must be vigilant about protecting their data, identity, and academic resources.
This article outlines the most critical ASU Gmail security settings every student should understand and configure. Securing your Gmail account not only helps keep your information safe but also protects the broader university network from potential breaches.
Table of Contents
1. Enable Two-Factor Authentication (2FA)
Two-Factor Authentication is the backbone of Gmail security. ASU strongly recommends that all students enable 2FA through the Google 2-Step Verification process. With 2FA turned on, signing in to your ASU Gmail account will require both your password and a second verification step, often a code sent to your phone or generated by an app such as Google Authenticator.
Advantages of enabling 2FA:
- Prevents unauthorized access even if your password is compromised
- Alerts you when someone attempts to sign in from a new device
- Provides an added layer of assurance against phishing attacks
To enable 2FA, go to your Google Account settings, click on “Security,” and then find the “2-Step Verification” section to get started.
2. Use a Strong and Unique Password
Many users still rely on simple or reused passwords, placing their accounts at great risk. A strong password is the first line of defense for your ASU Gmail account. Avoid using common phrases like “ASU1234” or including personal information such as your birth date.
Best practices for creating a strong password:
- Make it at least 12 characters long
- Include a mix of upper and lowercase letters, numbers, and special symbols
- Avoid dictionary words or keyboard patterns (e.g., “qwerty”)
- Do not use the same password across different websites or services
Consider using a trusted password manager to store and generate strong passwords across all your accounts.
3. Review App Permissions and Access
Over time, students may connect a variety of third-party apps to their ASU Gmail—whether for productivity, file management, or collaboration. However, poorly maintained or untrustworthy apps can pose a significant risk by accessing your emails, calendars, or contacts without your full awareness.
Visit your Google Account Permissions page and take the time to:
- Review which apps have access to your Gmail account
- Revoke access to any that you don’t recognize or no longer use
- Ensure apps you still use are from trusted developers and have minimal permissions
Note: Always check app reviews and verify legitimacy before granting any third-party software access to your ASU Gmail.
4. Check for Suspicious Login Activity
Google’s built-in monitoring tools allow you to track recent activity on your ASU Gmail account. This includes information like the location and device used for login attempts. Suspicious behavior—such as unfamiliar devices or login attempts from different countries—may indicate a security breach.
To view your recent activity:
- Log in to your ASU Gmail account
- Scroll to the bottom right of your Gmail inbox
- Click “Details” below “Last account activity”
If you notice any unknown sessions, click “Sign out all other web sessions” and change your password immediately.
5. Activate Confidential Mode
When sharing sensitive information via email—such as student ID numbers or financial data—it’s crucial to keep those conversations secure. Gmail’s Confidential Mode allows students to send time-sensitive emails that other users cannot forward, copy, download, or print. Additionally, users can set expiration dates and require SMS verification to open the message.
To use Confidential Mode:
- Compose a new message in Gmail
- Click the lock-and-clock icon at the bottom right of the message window
- Set your desired expiration and passcode options
This mode is ideal for sending documentation to faculty, administrative offices, or classmates.
6. Be Wary of Phishing Emails
Phishing attempts are one of the most prevalent threats to university students. These deceptive emails often appear to be from legitimate institutions such as ASU, Google, or financial organizations. They typically urge students to click on malicious links or provide sensitive data under the guise of account recovery or academic updates.
How to identify phishing emails:
- Look for poor grammar, urgent or threatening language, and unfamiliar sender emails
- Double-check any email claiming to be from ASU by verifying the email domain (e.g., “@asu.edu”)
- Hover over links before clicking to see where they actually lead
If you suspect a phishing attempt, report it immediately to the ASU IT Security team via the ASU Service Center or by forwarding the email to infosec@asu.edu.
7. Configure Privacy Settings
While Gmail is a powerful tool, students should remain vigilant about what information is accessible by default. Inside the Google Account settings, students can manage what is visible to others through services like Google Contacts and Calendar.
Steps to adjust privacy settings:
- Visit your Google Account Privacy Section
- Review “Your profile” and “Activity controls”
- Disable or restrict activity tracking based on your preferences
- Limit visibility of your information in Google Workspace tools shared across classes
These privacy settings are particularly vital in group project scenarios or when working with third-party collaboration tools.
8. Regularly Update Recovery Information
If you ever lose access to your ASU Gmail—due to a forgotten password or compromised account—Google will use your recovery phone number and email address to help you regain access. Keeping these details up to date is essential for fast and secure account recovery.
To check your recovery info:
- Go to your Google Account Security Page
- Scroll down to “Ways we can verify it’s you”
- Add or update your recovery phone and email address
Tip: Use a recovery email that is not tied to your ASU account to ensure access even if your ASU credentials are locked.
9. Attend ASU Cybersecurity Awareness Events
ASU regularly hosts cybersecurity awareness campaigns, including webinars, in-person seminars, and mailing list updates. These events offer valuable insights into securing not just your ASU Gmail but also your online identity and digital footprint.
Benefits of participating in ASU’s security programs:
- Stay informed of the latest threats targeting students
- Learn best practices from IT professionals on campus
- Earn security training certifications that may benefit future job applications
Students can visit ASU’s Security Services portal for current events, educational content, and alerts.
10. Log Out After Use on Shared Devices
Although this may seem obvious, many students still leave their accounts signed in on lab or public computers. Always log out of your Gmail or ASU account after use, especially when you’re not on your personal device.
Also, be cautious when accessing your ASU Gmail on public WiFi. For additional protection, consider using a VPN when connecting to university systems remotely.
Maintaining the integrity of your ASU Gmail account is about more than just personal safety—it ensures the secure operation of university systems and the academic success of you and your peers.