top of page
Asset 4_72x_edited_edited_edited_edited.

Google Account Compromise Mitigation

A flow helping users whose Google Account was broken into

Background

Why

Google Account hacks are rare but destructive, and users had only overwhelming help articles to rely on

What

We created a flow guiding users through this difficult experience

How

The flow helps users identify the compromise > secure the account > mitigate damage > add protection

User-side 

  • Critical implications for users 

  • Users must take complex steps urgently 

  • Users are in emotional distress

  • Google doesn’t have all the info, and shouldn’t reveal info that might help hackers

  • Goal: drive to action while not causing panic

Google-side 

  • "A company “big bet

  • Industry-first product

  • Lack of team alignment on feature priority

  • Multiple inconsistent components

  • Required collaboration across Google

  • Frequently changing requirements 

Challenges

Process

UXD/W/R partnership

I wrote initial copy based on foundational UXR, then iterated based on usability testing (x4), conversation mining and scenario mapping

Drove team alignment 

Crafted content strategy to help unite stakeholders around a common narrative, settling disagreement
on feature priority

Creatively flexed patterns 

Tested unconventional language
& design solutions to elicit the

needed emotion and action

Content strategy 

I likened the flow to a health emergency…

  1. Stop the bleeding >> 

  2. Stabilize the patient >> 

  3. Promote future health

This metaphor informed the information architecture, design principles, and tone:

  1. Get the hacker out >> 

  2. Fix urgent damage >> 

  3. Recommend safety measures

Amount of info

  • Keep text as brief as possible

  • Use progressive disclosure

Tone of voice

  • Convey urgency

  • Guide confidently

  • Be helpful

  • Reassure

Messaging

    As in a 911 call…

  • Tell us what’s happening

  • We’re here for you

  • We’ll guide you through it

  • Here’s what you can do

Design priorities

  • Critical actions first

  • Remove any obstacles

  • Helpfulness beats beauty

The result: the flow itself

Main screen

Visual inspired by my

content strategy

To motivate completion, the copy
conveys severity but guides confidently

Verbs drive to action, numbers added to help users follow the order (1st item is critical, hence the exclamation)

Google doesn’t know if there’s damage, hence “any”

Every step conveys the implications,
to encourage action

Copy by partner team

Step 1

The question format was a breakthrough, increasing user attention & engagement

The risk is explained to convey the implications 

Natural language supports clarity. Progressive disclosure enables processing.

CTAs match original setting in Google Account

16 possible use cases with unique design & copy

Activity details popup

   Details popup

  • Copy had to compensate for Google’s lack of knowledge on who did this and whether there’s damage

  • “(Signed out)” to reassure that the device is disconnected

Step 3

If the user had financial activity, another step is added here

IA & copy tailored for 6 use cases

Not all cases actionable in-line, necessitating complex guidance

Risk conveyed clearly, with clear guidance

Internal award highlighting UXW 

“...The team shows utmost empathy to the user, while guiding them with salient and understandable info, nudging with urgency, and providing reassurance.”

“...The concise wording here helps know what to expect and walks users through the steps...”  
- Support Team

“...The tone here is just what I was looking for...”

- Internal QA

A team field trip with the award money

bottom of page