Gmail Account Recovery: Locked Out or Compromised?
Whether Google flagged unusual activity, you suspect your account was accessed by someone else, or you're simply locked out, here's how to regain control.
Go to g.co/recover or accounts.google.com/signin/recovery. Google will guide you through verification using your recovery phone, recovery email, or account history questions. If you suspect unauthorized access, immediately check "Security" โ "Your devices" to sign out unfamiliar sessions once you regain access.
Why Did Google Restrict My Account?
Google's automated security systems may restrict access due to:
- Sign-in from a new location or device โ especially a significantly different country
- Too many failed password attempts โ security throttling to prevent brute-force attacks
- Unusual sending patterns โ sending a high volume of emails quickly, which can resemble spam
- Suspected unauthorized access โ sign-in patterns inconsistent with your typical usage
- Linked device flagged for malware โ Google detected potentially compromising software on a device that accessed your account
How to Recover Your Account
- Go to g.co/recoverThis is Google's dedicated account recovery starting point.
- Enter your email addressThe Gmail address for the account you're trying to recover.
- Follow the verification promptsGoogle will offer methods based on your account's setup โ trusted device confirmation, recovery phone/email codes, or security questions about account history.
- If a verification method fails, click "Try another way"This reveals additional options one at a time.
- Once verified, check recent account activityGo to myaccount.google.com โ Security โ "Recent security activity" to review anything unfamiliar.
- Sign out unfamiliar devicesUnder Security โ "Your devices," click "Sign out" on any session you don't recognize.
- Change your password and enable 2-Step VerificationThis secures the account against repeat unauthorized access.
If You Suspect Your Account Was Hacked
- Change your password immediatelyIf you can still log in, go to myaccount.google.com โ Security โ Password.
- Review and remove unfamiliar recovery infoCheck Security โ "Ways you can verify it's you" for any phone numbers or emails you didn't add.
- Check for unfamiliar account recovery changesIf an unauthorized party added their own recovery phone/email, remove it and re-add your own.
- Review connected third-party appsGo to Security โ "Third-party apps with account access" and remove anything unfamiliar.
- Enable 2-Step VerificationThis is the single most effective step to prevent future unauthorized access.
Frequently Asked Questions
How do I know if someone else accessed my Gmail account?
Check myaccount.google.com โ Security โ "Recent security activity" and "Your devices." Look for sign-ins from unfamiliar locations, devices, or times. Google also sends email alerts for sign-ins from new devices when possible.
What should I do first if my Gmail was hacked?
If you can still log in, change your password immediately, then review and remove any unfamiliar recovery phone numbers, emails, or connected third-party apps. Enable 2-Step Verification to prevent repeat access.
Can I recover my account if my recovery info was changed?
Yes, but it's more difficult. Go to g.co/recover and proceed through verification โ Google's account history questions (previous passwords, account creation date, etc.) don't rely on recovery info that may have been changed.
Why does Google keep asking me to verify recent sign-ins?
This is a security feature triggered by sign-ins from new locations, devices, or browsers. It's designed to confirm account access is legitimate, and tends to occur less frequently once 2-Step Verification with a trusted device is set up.