Update, June 15, 2025: This story, originally published on June 14, has been updated to include additional technical information on using a passkey to replace your Gmail password.
Don’t just take my word for it; even Google admits that email attacks have targeted 61% of U.S. consumers.
Google’s vice-president of privacy, safety and security, Evan Kotsovinos, has issued a warning in which he “strongly encourages” the 2 billion users of platform to make one straightforward change: replace your Gmail password now.
Google recommends that you change your Gmail password now to something more secure.
ForbesCritical Google Messages Security Update For 1 Billion Users Confirmed What Is A Passkey, And How Is It Technically More Secure Than Your Gmail Password?
Update, June 15, 2025: More technical details about changing your Gmail password with a passkey have been added to this story, which was first published on June 14.
I’ve said it before, and unless you do something right away, I’ll say it again: Gmail, like all email providers, is being attacked. Google acknowledges that 61 percent of Americans have been the target of email attacks, so don’t just take my word for it. S. shoppers. Take a moment to process that. Now, you should be concerned and act right away to lessen the likelihood that you will fall victim to email hackers again. In a warning, Evan Kotsovinos, Google’s vice-president of privacy, safety, and security, “strongly encourages” the platform’s 2 billion users to make one simple change: change their Gmail password right away. Here’s what you should know and do.
Forbes explains how to use these hidden Gmail addresses to stop hacking attempts.
Google strongly advises you to update your Gmail account password right away.
The vast majority of people still sign into their Gmail accounts and Google accounts using passwords. That’s a scary idea, but it’s not shocking given our propensity to oppose change, particularly when it comes to matters of security. I frequently—and completely incorrectly—use the overused maxim “if it ain’t broke, don’t fix it” when I warn users that their password is endangering their accounts, email, data, and finances. Responses like “I’ve used that password for five years and never been hacked” are common. It’s only a question of time, friend, and the state of cybersecurity indicates that time is running out.
“More than 60% of U. S. According to Kotsovinos, “consumers believe that scams have increased over the past year, with one-third personally experiencing a data breach.”. Therefore, one of Google’s top security experts has also advised all users to stop using their passwords, which are difficult to remember and vulnerable to phishing scams.
This is all very good news, and this advice should be taken right away because of the continuous cyberattacks on Gmail accounts that we have been seeing for several months now, which frequently use AI-powered tools. Here’s what to do.
The security update for one billion Google Messages users has been confirmed by Forbes.
How is your Gmail password less secure than a passkey, and what does that mean technically?
The first step in understanding why Google and the majority of other major tech vendors want users to embrace the identity security solution as soon as possible is to understand how a passkey actually functions. I talked to Steve Won, the chief product officer of 1Password, a popular password manager, about the technology that makes passkeys such a safe way to replace passwords. The two keys that make up each passkey are a private key that is kept on the user’s device and a unique public key that is generated and kept on the server of that business, according to Won. Like all public/private key systems, this one uses the public key, which is known to everyone, to create a challenge that can only be solved with the private key, which is secret and only you know. Because the passkeys are generated at random and are never shared during the sign-in process, it is practically impossible for hackers to guess or intercept them, Won added. “”.
Passkeys can be thought of as being easy to use, robust by default, and impervious to the majority of phishing attempts. Lists of weak and repurposed credentials cannot compromise them, nor can a hacker just guess what one it is. Since they cannot be stolen, using credentials that have been stolen is no longer an option. Your private keys never leave your device, and brute force or password-spraying attacks are impossible. By definition, all passkeys are strong and secure by default, so it is impossible to create a weak passkey.
Forbes: Microsoft Verifies Outlook Email Encryption Security Pause.
Three easy steps to replace your Gmail password with a passkey.
Google suggests that before beginning the passkey creation process, make sure you have the following things ready because preparation is key.
an operating system that is ChromeOS 109, macOS Ventura, or Windows 10.
A smartphone with Bluetooth and screen lock turned on, running iOS 16 or Android 9 or later.
the most recent iteration of a compatible browser, like Chrome, Edge, Firefox, or Safari.
Users of iOS and macOS need to activate iCloud Keychain.
Now that you have that resolved, here are three easy steps to convert a password to a passkey.
Go to Security Settings and choose the Passkeys option under “How you sign in to Google” after accessing your Google Account settings. “.”.
After selecting “create a passkey,” proceed with the instructions.
Simply use your computer or smartphone’s fingerprint or facial recognition to confirm your identity, and that’s about it.
Now that you have eliminated one of the main ways hackers can access your data, you can sign into your email account using a passkey rather than your Gmail password. Additional information about Google passkeys is available here.
