Secure your YouTube channel

To help prevent your YouTube channel from being hacked, hijacked, or compromised, there are some important steps to take:
  1. Scan for malware
  2. Use a passkey for 2-Step Verification
  3. Make an account recovery plan

Secure Your YouTube Account

Subscribe to the YouTube Creators channel for the latest news, updates, and tips.
 
If you're a channel owner, we recommend sharing this article and these YouTube creator safety tips and resources with anyone else who has access to your channel. For more personalized security recommendations, you can visit your Security Checkup page.

1. Scan for malware

Malware is software that can gain access to your account, spy on your activity, delete your files, and make changes to your online access. It usually sneaks through your devices as password protected and zipped files that end in .scr or .exe file.

Malware can come from:

  • Suspicious links: Clicking on a link in a spam or fake sponsorship or brand deal email
  • Infected downloads: Downloading a program from an untrusted source
  • Fake software updates: Installing a fake software update that contains malware

We recommend

Turn on Enhanced Safe Browsing

Enhanced Safe Browsing automatically scanning a download for malware

More about Enhanced Safe Browsing

Because antivirus software may not scan some encrypted files, we recommend also turning on Enhanced Safe Browsing so that all files downloaded from Google Chrome are scanned for malware.

Enhanced Safe Browsing provides real-time security scanning to keep you safe across all Google products when using Google Chrome.

2. Use a passkey for 2-Step Verification

Stolen passwords are one of the most common ways that accounts are compromised. Once you’ve created a strong password, you can turn on 2-Step Verification (also known as 2SV or two-factor authentication), which adds a second verification step for another layer of security.

You can choose from different kinds of verification steps, each with varying levels of security:

  • Passkeys: Device verification like fingerprint, face scan, or phone screen lock. Passkeys provide the strongest protection against phishing.
  • Security keys: Physical verification device that provides strong protection against phishing.
  • Google Prompts: Phone notification that’s more secure than text message verification codes.
  • Google Authenticator: App that works offline and generates one-time verification codes.
  • Phone verification codes: Less secure type of verification codes sent by text or phone call.
  • Backup codes: Less secure type of verification codes that are downloaded and printed.

We recommend

For the strongest protection against threats like phishing, set up 2-Step Verification and choose a passkey as your second verification method.

 Set up 2-Step Verification with a passkey

Note: Once you create a passkey, you can use it to easily sign in to your Google Account, as well as some third-party apps or services, and to verify it's you when you make sensitive changes.

 

3. Make an account recovery plan

To make sure you can get back into your Google Account if you ever can’t sign in, you can add recovery options, like your phone number and email address.

Recovery options can be used to:

  • Block someone from using your account without your permission
  • Alert you if there’s suspicious activity on your account
  • Recover your account if you’re ever locked out or forget your password

Learn more about how recovery options can be used to keep your account secure.

We recommend

Add recovery options, like your phone number and email address, to your account so you can quickly recover your account if you ever need to.

Add account recovery options

 

Do you think your YouTube channel was hacked? Recover a hacked channel.
Did you lose access to your Google Account? Restore your Google Account.

Was this helpful?

How can we improve it?
Search
Clear search
Close search
Google apps
Main menu
12919999355062524333
true
Search Help Center
true
true
true
true
true
59
false
false