What Happens to Your Google Account
If Your Phone Is Stolen
Your Gmail, Drive, Photos, and saved passwords are all accessible on a stolen unlocked phone. Here is what is at risk and exactly how to lock everything down remotely before a thief uses it.
Last updated: June 2026 · 6 min read
If your phone is unlocked or has a weak PIN
A thief can open your email, reset passwords via Gmail OTPs, access your Google Pay, and download your photos — all within 5 minutes. Your first action must be to remotely sign out your Google account.
What a Thief Can Access Through Your Google Account
Gmail
CriticalAll your emails are visible. More importantly, any account linked to this Gmail can be reset — banking apps, social media, UPI — via "forgot password" links sent to this email.
Google Pay / GPay
HighIf your phone is unlocked and fingerprint is enrolled, GPay can be accessed directly. Linked bank accounts can be used for transfers.
Google Photos
HighEvery photo you have ever backed up — including Aadhaar, PAN, bank cards — is accessible. These can be used for KYC fraud.
Google Drive
MediumDocuments, scanned files, and anything stored in Drive is visible and can be downloaded.
Chrome saved passwords
HighIf Chrome is signed in and "Offer to save passwords" was enabled, all saved website passwords are visible at passwords.google.com from the logged-in phone.
Google Contacts
MediumYour contact list can be used for fraud calls pretending to be you, or to target your family members.
Step 1: Remotely Sign Out Your Google Account (Do This First)
From any other device or computer, go to myaccount.google.com → Security → Your devices. Find your stolen phone and tap Sign out. This immediately ends the active session on that device — they will be kicked out of Gmail, Drive, and all Google services.
If you have already changed your Google password, all active sessions on other devices (including the stolen phone) are automatically signed out.
Step 2: Change Your Google Password Immediately
Go to myaccount.google.com → Security → Password and change it right away. Use a strong password you have never used before. This signs out all devices including the stolen phone.
After changing the password, also review the Third-party apps with account access section and revoke any apps you do not recognise.
Step 3: Secure the Linked Services
Change your email password for any account linked to Gmail
Any account that uses "Sign in with Google" or sends password resets to Gmail is at risk. Change passwords for banking, social media, and shopping accounts.
Contact your bank to freeze net banking
Banks allow someone to reset a net banking password using an email OTP. Call your bank immediately and put a block on remote password resets.
Deactivate Google Pay on the stolen device
Go to pay.google.com → Settings → Payment methods → scroll to your device → Remove. This deactivates GPay on that specific device.
Check recent activity on Google Photos
At photos.google.com → Library → Recent Activity. If photos were accessed or shared after the theft, note the timestamps for your police complaint.
How to Prepare Now (Before Anything Happens)
Enable 2-Step Verification on your Google account
myaccount.google.com → Security → 2-Step Verification. Use an authenticator app, not SMS, for maximum security.
Set a strong lock screen PIN — not a pattern
A 6-digit PIN prevents casual access. Pattern locks are often visible from smudges on the screen.
Use a different email for sensitive account resets
If your banking and Gmail are the same account, one breach exposes everything. Use a separate, private email for bank registrations.
Note your IMEI and Google account recovery phone
Knowing your IMEI and having a recovery number set lets you re-access your Google account even after the thief changes settings.