Google is set to begin the process of deleting accounts for users who have remained inactive for the past two years without logging in.
Google is taking a significant step in enhancing user security by implementing a new account deletion policy. Starting from December 31, the tech giant will begin deleting inactive accounts that have not been used for the past two years. The primary goal of this decision is to prevent the potential misuse of these accounts by malicious individuals.
If you haven’t logged into your Google account for the past two years, it will be considered for deletion. However, before removing the account and its data from services such as Gmail, Drive, Docs, Photos, Meet, Calendar, and others, Google will notify you through multiple emails sent to your account and recovery email address. This way, they will give you ample opportunity to keep your account active if you wish to retain access to your data and services.
Important points to remember about Google’s account deletion policy:
- Deleted Gmail addresses cannot be used to create new accounts.
- To keep your account active, log in at least once every two years.
- Account activity can also be maintained by sending/reading emails, using Google Drive, Search, or watching YouTube videos, and signing in on other websites.
- Accounts with active YouTube engagement (comments, channels, videos) or a monetary balance will not be deleted.
- If you no longer use your Google account, you can use “Google Takeout” to download all associated data.
- Google’s “Inactive Account Manager” can help remind you if your account has been inactive for a specific period.
Mitigating Misuse by Threat Actors: Account Deletion Strategies
Back in May, Google issued a warning about their updated inactive account policies. Ruth Kricheli, Google’s VP for Product Management, highlighted that extended periods of inactivity might signal a compromised account. This is mainly because forgotten or unattended accounts often rely on outdated or reused passwords, lack two-factor authentication, and receive fewer security checks.
Internal analysis reveals that abandoned accounts are at least 10 times less likely to have 2-step verification set up compared to active accounts. When these accounts get compromised, threat actors can exploit them for various malicious purposes, including identity theft, spamming, or phishing activities.
Conclusion: Google’s account deletion policy represents a proactive step towards strengthening user security and safeguarding against potential misuse by malicious actors. By staying informed and taking simple measures to keep accounts active, users can retain access to their data and services without any disruptions. Implementing best practices like two-factor authentication and using the Inactive Account Manager can further enhance the overall security of Google accounts.