If you rely on your Google account a lot, then you shouldn’t take online security for granted. You might not feel like anyone’s going to mess with your email or personal files right now, but that never happens to anyone when they expect it the most.

And if you’re asking what’s the best way to protect your account, the answer would be two-fold, namely: (1) learn to change your Gmail password and (2) activate the 2-step authentication feature. If you don’t know these yet, it’s about time that you learn how to do both.

More ideas: Best Weekend Getaways, Best Day Trips

Changing your Gmail password

Your Gmail password is the first line of security against any unauthorized access to your personal email and files. It’s important to keep this password confidential and as unpredictable as possible so that there’s no chance that any hacker, human or otherwise, will be able to figure it out and access your account.

Unfortunately, not everyone knows how to do this, much less remember or care to change the password from time to time. If anything, they only remember to do this in two scenarios, namely: (1) when they forget the password and need to reset it or (2) when they’ve somehow been hacked and thus need to change the password.

Whether you’ve decided to change your password because you just want to or you really need to, it’s important to know how. Keep in mind that this process only works on the browser version of Gmail. The mobile app won’t let you change your password unless you log into the browser version as well.

Step 1: Log into your Gmail account. This assumes that you know your username and password. If not, then you’re going to have to follow a more tedious process of recovering your password.

Step 2: Once logged in, look for the gear icon at the upper right-hand corner of the screen. Click on that. A pop-up menu will open – click on “Settings.”

Step 3: Look for the tab which says, “Accounts and Import.” This is at the top of the page. Click on that.

Step 4: Under the “Change Account Settings,” look for the “Change password” button. Click on that.

Step 5: This is the part where you actually get to change your password. But before that, you’ll be prompted to input your current password (for security purposes) and then you’ll be able to replace your old password with a new one. Just like with your first password, you will be asked to type it twice to confirm your choice.

Keep in mind that you can never reuse your old password. When creating a new one, remember the minimum requirement of eight characters, and in order to make a stronger password, make sure you use a combination of uppercase and lowercase letters as well as numbers and special characters. Once you’re satisfied, click on “Change Password” and you’re done.

Another helpful tip would be to click on the little eye symbol on the side of the blank where you’re supposed to input your password to see what you’re typing. This might be helpful in case you want to double check the password you’re inputting (normally you’ll only see asterisks in place of the actual characters).

Finally, try to make a habit of changing your password every now and then. Think of combinations that you can remember that can’t be easily figured out by other people (so avoid using your own birthday or similar cliché password formats). A strong password alone will ensure that your security doesn’t get breached. Also, this means you won’t have to change it as much.

Activating the 2-step authentication

Somehow, people still manage to get through other people’s Gmail account passwords. So, your next line of defense is having a 2-step authentication process to make sure that nobody ever logs into your account without your consent.

Also known as the 2-step verification process, this feature is designed to stop anyone’s attempt at logging in to your Gmail and other Google services without a second verification from your part. When activated, you can pretty much guarantee that all successful logins can only be done by you.

When you log in to your Google account with the 2-step verification activated, you’ll have to input a code that’s sent to you via call or text brought to you by an authenticator app that will be installed on your phone. Thus, even if a person knows your login credentials, they can’t get into the account because they don’t have the code that’s sent to your phone.

True enough, the extra steps will be a hassle, but that’s a small price to pay for the literally doubled security. Here’s how to do it:

Use the Google authenticator app: Type your username and password to sign in. From there, you’ll see a button which says “off” next to “2-Step Verification.” Click this switch to turn it on.

From here, you’re going to need to type your phone number – make sure to use the one for the phone that will be receiving notifications from Google. You’ll be able to input the area code of your number by selecting the country. Afterwards, indicate whether you want to receive the notification via text or call. Click on the button which says, “Try It” and you will get a test run by receiving a text or call (depending on which you chose) containing your code.

Type in the code you received and then click “Next.” From here, you get to finally turn on your 2-step authentication feature.

Now you have 2-factor verification enabled for your Google account.

A great alternative to the Google authenticator app is Authy because you can install it on multiple devices. In case one device is lost, you can still get access.

Conclusion: Google is a pretty trustworthy company, but you don’t want to take chances on your own security. Make a habit of using these two security features so you never compromise your privacy.