There's no doubt Google runs a tight ship as far as security goes, if you're hacked using Google services its usually (but not always) because of something you did, not Google. If you want to keep your emails on Google's services more secure you'll need to do more than just enable two-factor authentication. You need to practice safe browsing, steering clear of sites and emails that could steal your info.
Below are four third-party add-ons you can plug into Gmail to help your navigate the internet a little more safely. They range from add-ons to protect you from phishing attacks (when a hacker tries to social engineer your password out of you) to add-ons to keep Google from peeping at what you send through their email servers.
Probably the best name for an add-on designed to improve Gmail security, and there's no doubt SecureGmail is very useful for the privacy-conscious -- it encrypts and decrypts all the emails you send and receive in Gmail, before they ever reach Google's servers, so you know that if anyone else should try and extract the contents they won't be able to do so -- including Google itself.
At the other end the recipient of your email needs a specified password to understand and decode the message, but you don't have to apply this encryption to everything you send through Gmail, so you can save it just for the most sensitive stuff. Like all the best Gmail browser add-ons, it integrates with the original web interface in a clean and seamless way.
There are plenty of emailers out there who'd like to know when and where you open your messages so they apply a tracker to notify them when you've opened it. If you're not really into that kind of tracking behaviour then there's Ugly Email -- add the extension to Chrome and you get a simple eye icon inside your Gmail account on the web if an email contains some kind of tracker.
This add-on is for informative purposes only, so you can't really do anything about the tracking except choose not to open up the offending message or have words with the person who sent it, but we like its simple approach and ease-of-use. At the very least you become more aware of the sort of messages coming into your inbox, which is always useful.
As the name suggests, Gmail Sender Icons is a Chrome extension that puts favicon symbols next to senders in Gmail, so you can quickly visualise which domain each message is coming from. It gives you that same at-a-glance ease-of-use that you get when looking through the open tabs in your browser, but built right into your Gmail inbox, with virtually no slowdown in speed.
So how does it keep you safe? It's another way of flagging spam emails that aren't from respectable sources, and you can spot the potentially dodgy messages before you open them up, or indeed use it to save genuine messages from the Spam folder. The extension itself doesn't store any data, simply parsing your inbox to come up with its labelling.
This last one is from Google itself: A Chrome extension that helps keep you safe against any phishing attempts that may wander into your inbox. It watches out for Google sign-in pages that aren't actually Google sign-in pages, and should you get duped into entering your account password, you'll then get an instant warning asking you to reset it to something else.
The extension works by storing a "thumbnail" of your password for comparison purposes, rather than the password itself. And while Gmail already does a decent job of watching out for emails that aren't genuine, shifting them to the Spam folder so you don't get chance to be fooled, but there's no harm in upgrading your protection -- plenty of us are still at risk.