Google has made its ecosystem frictionless. If you buy a new Android phone, you’re prompted to add your account during setup, and every service is automatically tied in.

You hardly need to re-enter credentials for months or even years. So, it’s easy to forget that you’re signed in. You probably logged in on a shared computer for a temporary purpose, or sold your old device without erasing your presence.

Android assumes the account belongs on the device, and Google thrives on keeping you tied in. But sensitive data is synced by default and leaves a doorway for anyone to manipulate it.

If you suspect that your passwords have been compromised in the process, here are sure signs for you to take action.

6

Google sends you account security notifications

Google’s security notifications are signals of compromise based on how your account behaves.

You’ll receive an email, SMS alert, or push notification about new sign-ins or changes. It usually means that someone is testing your credentials in a different environment.

Normally, the system tracks your IP ranges, device type, operating system, and browser build.

If you initially signed in on a Pixel in New York, but suddenly there’s a login from a Chromebook in Texas, the system triggers an alert. You’ll see a timestamp, the device details, and location. You’ll be prompted to check or deny the activity.

In more serious cases, you’ll get a two-factor authentication prompt. It happens when a device enters your correct password and attempts a fresh login.

Google recognizes the mismatch in context and blocks access until it can verify secondary proof. You may verify your identity through biometric verification or entering a code sent to your original device.

5

Unfamiliar devices lurk in your account settings

Your Google account has a security menu that keeps logs of your activity. Go to myaccount.google.com and select Security. Look under Your devices. You’ll see every phone, tablet, computer, or smart display currently tied to your account.

If you spot any unfamiliar devices there, it means they still have permission to pull in your files and saved passwords.

If it connects to the internet, it will continue syncing this data. Select the strange device to view its full information. Then tap Sign Out to remove it.

Similarly, linked services may be collecting your data. Dropbox, Slack, or smaller websites sometimes request access permission.

Google issues an OAuth token when you grant it. That token allows the service to pull specific data and even read parts of your emails. Return to the Security menu and look under Your connections to third-party apps & services to delete unwanted connections.

Sometimes, the same device appears twice in your devices list. First, by its name (Realme 12+) and again by its model number (RMX3867). It’s unclear why duplicates happen.

Check the About device menu in your phone’s settings to confirm before removing the hardware from your account.

4

Autofill suggests passwords you haven’t used before

Autofill is a feature tied to Google Password Manager. It fills in your usernames and passwords when you open a login page on a site or in an app. Your login details remain in an encrypted vault tied to your account.

Interacting with a login form triggers Manager to check the website’s domain or the app’s package name against the entries in your vault. Then it suggests the right credentials.

Because Autofill is part of Google’s synchronization system, suggestions reflect the most recent use across all devices.

If a tablet that still has your details autofills an app like Netflix, your phone treats the password as recently used. It’ll push it to the top of your recommendations list the next time you log in.

Go to Settings > Google > All services > Autofill with Google. Select Google Password Manager. Review your saved logins. Delete the ones you don’t want or change the passwords.

If the foreign device tries it again, it won’t work.

3

You receive alerts for password resets you didn’t approve

Devices signed in to your account have the authority to act as you. They hold valid session tokens, which are encrypted keys Google issues when they first log in. Also, they can perform any action, including a password reset.

The only thing that could stop them is an additional layer of verification, usually 2FA. It’ll push a notification to your phone and give you enough time to take action.

The reset can succeed quietly if 2FA is off, and you’ll discover it only afterward. You’ll get an email informing you that your password has changed.

Open the email and follow the instructions for securing your account. It’ll initiate a recovery process where you can reset the password again and boot out whoever changed it.

2

Unfamiliar bookmarks pop up in Chrome

Chrome merges all browsing information into one seamless profile. It doesn’t separate which device those items came from. Hence, you won’t get a warning. Instead, you’ll spot unfamiliar bookmarks and browsing history.

You might start typing in the address bar and find autocomplete offering websites you’ve never visited on your current device. Navigate to the Bookmarks menu and scroll through your folders to review how much of your content belongs to you.

Also, check the History menu for suspicious activity.

1

Someone altered your recovery methods

Losing your account is not a hopeless situation. Google builds in multiple layers of recovery so that you can regain control if you’re suddenly locked out.

You’ll see this information in the Security section of your account, under How you sign in to Google. It shows your recovery phone numbers, backup emails, and 2FA devices in a list.

These details only work if they still belong to you. Someone else may have changed them while you were distracted. Recovery and 2FA codes will go to them instead of you, which means they can reset the password and stay signed in.

Even then, Google still provides a recovery chance. However, you’ll answer multiple questions about your account history, such as when you created it, old passwords you used, or devices you signed in on.

The more accurate your answers, the higher your chances of regaining access.

It’s a last-resort method to stop attackers from permanently taking over your vault of saved passwords.

Protect the passwords that are protecting you

Your account passwords are as safe as the precautions you’ve set up. Always treat logins as temporary.

If you must sign in on another device, use Incognito mode or add your account as a temporary guest profile, then delete it. That way, nothing syncs when you walk away.

Try to review and change your saved passwords regularly. Also, be deliberate about what data is shared across devices. In Chrome’s sync settings, you can uncheck or keep passwords, bookmarks, and history if you prefer.

More importantly, don’t overlook physical security. If you must sell or give away a device, factory reset it and also remove it from your account’s device list.

You may assume that a reset alone is enough. But Google’s servers don’t immediately erase hardware. It’ll linger for weeks as stale information and regain access once reconnected to Wi-Fi if you’re unlucky.