Google renewed its warning to customers in emails sent over the weekend, informing them about a new policy that will take effect from December 2023, according to this new policy, the technology giant will begin deleting inactive accounts that have not been used or logged into for a period of two years, however, Google will first notify users if their accounts qualify for deletion.
In its email message, Google stated, “If your account is classified as inactive, we will send multiple reminder messages to both the email address and recovery email addresses (if provided) before taking any action or deleting any account content, these reminder messages will be sent at least 8 months before any action is taken regarding your account.”
After the deletion of a Google account, the associated Gmail address will become ineligible for creating a new Google account.
It’s worth noting that the easiest way to keep a Google account active is to log in at least once every two years, as long as users have logged into their Google accounts within the past two years, their accounts will be considered active and not subject to deletion.
Additional methods to maintain account activity include reading and sending emails, using Google Drive for cloud storage, downloading apps from the Google Play Store, performing internet searches while logged in, sharing photos, and using Google account logins for external services.
The new policy also comes with specific exceptions, including Google accounts with YouTube activities (channels, videos, or comments), accounts holding cash balances from gift cards, and accounts publishing applications on the Google Play Store.
The company had previously warned customers about changes to its inactive accounts policies back in May, at that time, Ruth Krishelly, Vice President of Product Management at Google, mentioned that long periods of account inactivity could indicate vulnerability to hacking.
Krishelly added, “This is because forgotten or unmonitored accounts often rely on old or reused passwords, which may have been compromised, and do not use two-factor authentication, receiving fewer security checks from the user.”
After an account is compromised, threat actors can utilize Google accounts for a wide range of malicious purposes, such as identity theft, sending random or phishing emails.
In the emails sent to Google users during the weekend, the company warned, “We want to protect your personal information and prevent any unauthorized access to your account, even if you no longer use our services.”
Google also allows users to download their data using Google Takeout and offers a feature called “Inactive Account Manager,” which helps users plan what happens to their accounts during a specified period of inactivity.