IPv6 addresses showing on my Gmail (1 Viewer)

[stevec]

I generally keep an eye on the access details of my gmail email account after being compromised a couple of years ago. The IP addresses shown for the last 10 accesses have agreed with what I would expect (home router IP address for wifi and an EE address if I access via my phone away from home). Recently I have been seeing some IP addresses which look completely different and I now know to be IPv6 format instead of IPv4. This has got me a bit concerned as I changed my password immediately I suspected something. But these addresses still appear occassionally. My computer runs XP and tablet and phone are Android. Can anyone explain this as I'm no networking geek? In the meantime I will disable email on phone and tablet to see if these still occur.

Edit: My computer IP address is generally shown in IPv4 format but I have seen at least one occasion when it has been in IPv6 (as reported by Gmail "details")

 

[WynandJean]

I can't say it means much to me but does this:-
http://www.thinkbroadband.com/ipv6
help?

Wyn

 

[stevec]

Thanks for the link but I think that may be a bit out of date as it mentions things happening in 2011/12. But helpful all the same.

^{_{Subscribers  do not see these advertisements}}

 

[Langtoftlad]

Have you switched on IPv6 either by accident or via a Windows update?
I've just checked my Adapter settings - and discovered IPv6 is turned on for wired connections but not for wireless - which surprised me as I thought I'd completely disabled it.

 

[stevec]

I'm windows XP so no updates recently!. Wouldn't know how to change it manually.

 

[DBK]

I'm not aware of any security issues over IPv6 as it's just the "new" IP address format which will eventually replace the current one which typically looks like this: 192.168.1.2
IPv6 addresses are much longer but not all the net or routers are set up for it. My BT router isn't.

^{_{Subscribers  do not see these advertisements}}

 

[Langtoftlad]

As I understand it - sending email via Gmail via a browser won't reveal the ip address but if using a third party email application it might.

If it concerns you then the only real answer is to use a VPN for all your email & browsing traffic.

Much like your actual home address, your internet address isn't really private, unless you take fairly extreme methods.
If you don't want anyone to know what you're doing on the internet, then encryption of content via a VPN... but if you don't want anyone to know you are using the internet, that is much harder & much more inconvenient.

If you're concerned about hacking, then it is unlikely to happen on an individual scale, it can happen but who'd put the effort in on the offchance they found something valuable? Much more likely your IP would be caught up in a mass break in at corporate server level - Yahoo, for example, has had many issues.

 

[DBK]

One trick with a home router is to use a time switch so it is turned off say at 03:00 in the morning and then on again a few minutes later. This will make it select a different IP address. This won't work if you have a static IP address of course but I don't think typical home broadband uses those. This changes the IP address your router has on the web. Within your home network the IP addresses won't change much and they will still typically start 192.168. etc. with usually only the last number changing as devices connected are allocated an address.

 

[Langtoftlad]

One trick with a home router is to use a time switch so it is turned off say at 03:00 in the morning and then on again a few minutes later. This will make it select a different IP address. This won't work if you have a static IP address of course but I don't think typical home broadband uses those.

One disadvantage of doing that is that it might lead your exchange to think there is a fault on your line and then restrict your internet speed.

^{_{Subscribers  do not see these advertisements}}

 

[Gromett]

Every computer, device, router, mobile phone and literally anything connecting to the internet needs a publicly visible address. IP addresses stands for Internet Protocol addresses.

An IP Version 4 address is made up of 3 numbers with a value from 0 - 255.
10.20.30.40 for example.
This means there are 4 Billion IPv4 addresses. We have now run out of these addresses so the clever people who manage the internet designed a new system.

The new ipv6 system uses 8 sets of 16 bit values. To make these easier to read they are presented as hexadecimal values from 0-ffff and separated by colons :
so. the first one is.
0000:0000:0000:0000:0000:0000:0000:0000
The last one is
FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF

This expanded range means there are now 3.4×10^38 addresses available.

The two protocols can be run side by side. What has happened is that servers that communicate with each other have moved over first. Now ISP's are starting to add IPv6 to their networks. If you are on an ISP that provides IPv6 you will now be allocated a small range of IPv6 addresses as well as your IPv4. This means that each device in your house will get it's own IP address. When your IPv6 enabled computer is given an IP address you will now get both an IPv4 address and an IPv6 address.

If you connect to a service that supports IPv6 this will generally be used in priority over an IPv4.

Over time less and less people will use IPv4 and say in 10-20 years IPv4 will stop being supported.

There will be some glitches and minor security issues as this happens but nothing that should affect you. It is worth getting used to the new IP address format as it is here to stay and will eventually be the primary one.

The advantage is we will start seeing the end of NAT which although adds a little security also causes complications and unreliability behind the scenes.

 

[stevec]

Thanks for all the info. My actual concern is that someone else is accessing my gmail account. This happened once before when I received an email addressed to me apparently from my financial adviser asking about specific financial information. This caused me to think that someone had access to my email history (password immediately changed!!).

Is it possible that one of my devices, whose IP address Gmail "details" show, can be seen with an IPv6 address at one time but with an IPv4 address at another. I've disabled both mobile and tablet access to gmail leaving the only access when I log in on my PC. I'll see if I get any accesses from IP addresses other than my own.

 

[Gromett]

Thanks for all the info. My actual concern is that someone else is accessing my gmail account. This happened once before when I received an email addressed to me apparently from my financial adviser asking about specific financial information. This caused me to think that someone had access to my email history (password immediately changed!!).

Is it possible that one of my devices, whose IP address Gmail "details" show, can be seen with an IPv6 address at one time but with an IPv4 address at another. I've disabled both mobile and tablet access to gmail leaving the only access when I log in on my PC. I'll see if I get any accesses from IP addresses other than my own.

If you are seriously concerned about the security of your gmail account can I recommend you get a yubikey. This is a little gadget like what the banks issue that does 2nd factor authentication.

2 factor authentication is where you use "something you know" and "Something you own" to log in. The something you know is the password, this as you know can leak. The "something you own" is the physical device in my case the yubikey. For a hacker to get into my gmail account, they would need to
1) Get my password
2) get hold of my yubi key without me knowing about it.
3) pass the test that google sets when authorising a new computer.

I have a yubikey which protects my LastPass password manager, Dropbox, Gmail and others. It is a fantastic little device and well worth the money if you are concerned about security. If you are on windows you can also use it to login to your windows system as well. It also protects all your google app logins as well.

https://www.yubico.com/why-yubico/for-individuals/gmail-for-individuals/

Here are all the yubi keys.
https://www.yubico.com/products/yubikey-hardware/

I chose the yubikey Neo because it supports NFC. This means I can lock my tablet and my phone as well without having to plug it in.

^{_{Subscribers  do not see these advertisements}}

 

[stevec]

Thanks Gromett. Are they straightforward to use for us non-geeks?

 

[DBK]

What are you using to send your email? According to this, if you use a web browser, Gmail hides your IP address but if you use an email client like Outlook it doesn't. Extract below - but I am not sure how up to date this information is.

"Also, note that if you receive an email sent from a Gmail account through the web browser, you may not be able to find the real IP address because Google hides the real IP address of the sender. However, if someone sends you a mail from his/her Gmail account using a client like Thunderbird, Outlook or Apple Mail, you can find the originating IP address."

But I think you also need to work out just what exactly the threat is if someone has your IP address, according to this it is quite easy for people to discover your IP address but it isn't clear what they gain other than doing something illegal and disguising themselves as you, but how often does that happen and if you turn your router on and off as I suggested earlier you will get a different IP address. Gromett's key approach is very secure but I don't think the average person yet needs to go down that route, though it is very much a personal choice.

If you think someone has accessed your email account (it happened to me a few years ago with BT Mail) then just change your password - as you have already done. In my case it took a bit of sorting out as they set up a mail forwarding scheme so any mail coming to me was forwarded off to somewhere else and the messages they sent used an email address almost exactly like mine but for one different letter.

 

[Gromett]

Thanks Gromett. Are they straightforward to use for us non-geeks?

Yes they are very easy. took me about 2 minutes to get it up and running on google (if that).
All I do now is plug it into a USB port, put my finger on the metal disk when google asks for it. That is all.

^{_{Subscribers  do not see these advertisements}}

 

[Gromett]

Gromett's key approach is very secure but I don't think the average person yet needs to go down that route, though it is very much a personal choice.

I think the key approach is better for the average user who doesn't understand all the security issues and how to stay safe.

I have never ever been hacked nor had a password leak. All my passwords are unique as are all my usernames (different email address for every login). I went this extra step because I handle client data. For me, I can say to clients I take every single step possible to maintain security, for me it is a matter of trust not security.

For the average user, the yubikey is fantastic as it takes a lot of the pressure off password security and is the single most effective means of ensuring the security of your accounts.

It is my opinion that user email breaches are the biggest security risk for the average user. Once the hacker has your email account, they can do password reset requests on other services. They can trawl for information which is helpful on phishing attacks or identity theft. Never underestimate how valuable your mailbox is. It is the first link in the chain so keep this safe and you reduce the risk to all other aspects of your online security etc.