Google has put together a detailed guide that includes what you must do now to set up your account for recovery and what to do if you are locked out of your account. We’ll go through these steps, and I encourage you to set a few minutes aside to complete the process. And if you’ve recently been hacked, you have just seven days to recover your account, so let’s get started.

To protect your Gmail account, the first step is setting up recovery options. Adding a recovery email and phone number ensures you’ll have tools to confirm your identity if you’re ever locked out. The recovery phone number should belong to you and be connected to a smartphone that you use regularly and keep with you. Similarly, your recovery email should be one you check frequently but different from the email you’re securing. Google emphasizes the importance of this step, noting that your recovery email and phone number can still be used if an attacker changes your credentials. However, if your recovery phone number has been altered by an attacker, Google allows only a seven-day window during which you can still use the original number to regain access.

Updating your recovery details is simple. In any Google service you’ve logged into, click on your photo in the upper right corner and then click “Manage your Google Account.” Under Personal info, you can add or update a phone number and add multiple email addresses for Google accounts. If you scroll down to the bottom of the page, you’ll see that you can also reset your password, which you should do if it’s not unique, long or otherwise strong. (See last week’s column for tips.) You should also turn on two factor authentication to improve security – you’ll find the option under Security. In the future, you’ll receive a text on your phone with a code that you’ll enter to access your Google account, which means an outsider could not get into your Gmail on your laptop without also having your phone.

If your account has already been hacked, the recovery process begins at g.co/recover, where you’ll enter your Gmail address and follow the prompts. Using a device and browser you’ve previously used to sign into the account and being in a familiar location, such as your home or workplace, can improve your chances of success. The recovery process includes a series of questions designed to confirm your identity. If asked for the last password you remember, providing the most recent one is best. If you’re unsure, any previously used password will help. Google doesn’t penalize wrong answers or kick you out of the recovery process.

Google may use several methods to verify your identity, such as sending a code to your recovery email or phone number, asking for a code from your authenticator app if you use one, or sending a prompt directly to your trusted device. If you can’t access any of these options, you can continue by selecting the next available method. If prompted, you may also need to provide an alternate email address where Google can contact you about your recovery request. For those without this third email, creating one specifically for this purpose is a good idea. Once you’ve regained access, reset your password.

With the New Year just around the corner, now is a great time to ensure your account recovery options are set up correctly. Consider it part of a broader resolution to stay on top of digital security, alongside avoiding unsolicited links in emails and texts and keeping regular data backups. Protecting your Gmail account is one of the simplest yet most effective steps you can take to safeguard your online life. By taking a few moments now to prepare, you’ll save yourself significant stress should the unexpected happen.

Leslie Meredith has been writing about technology for more than a decade. As a mom of four, value, usefulness, and online safety take priority. Have a question? Email Leslie at asklesliemeredith@gmail.com.