One of our small business Mac clients related a disturbing story this week:
She worked with a freelancer for many months on a project. Recently she found out that the freelancer had been logging on to her Gmail account and reading all her incoming and outgoing mails.
She figured it out because Gmail lets you see logons to your account. At the very bottom of the Gmail page, it tells you “Last account activity” and then has a Details link. If you click on the link you’ll see a screen like this one:
Our client saw dates, times, and IP addresses that did not match her actual activity. That’s when she got suspicious.
It turned out that our client’s Gmail password was the same as the password she used to create some website logins–which the freelancer had access to. So the freelancer guessed that the Gmail password would be the same.
The moral of our story: All your passwords should not be the same. And they should be non-guessable by anybody who knows you.