Don’t wait for your password to leak — change your account settings now.
Updated on Nov. 3 with further reports into breached Gmail passwords and Google’s advice to users on why passwords should be now replaced) suggested a massive new password leak. “Reports of a ‘Gmail security breach impacting millions of users’ are false.
Gmail’s defenses are strong, and users remain protected.” But just because the breach is not new does not mean it’s not dangerous. Google says users should “reset passwords when they are found in large batches like this.” In reality, don’t wait for a breach to turn up, while regularly changing passwords is no longer considered best practice, ensuring passwords are strong and unique certainly is.But passwords will always be vulnerable to being leaked or stolen. “Attackers are intensifying their phishing and credential theft methods, which drive 37% of successful intrusions,” Google, and “an exponential rise in cookie and authentication token theft as a preferred method for attackers, with an 84% increase in infostealers.”That’s why Google tells users that “adopting passkeys as a stronger and safer alternative to passwords” stops account password compromises. And on that note, with these latest “Gmail security breach” headlines still swirling, there was some quieter, better news for Google and its billions of Gmail account holders.confirmed in its latest passkey adoption report. “A scale so dominant that including it in our top 20 would distort the competitive landscape for other services.” According to the password manager, “Google’s sheer volume dwarfs that of other platforms.” This, it says, was driven “by a pivotal product decision: In October 2023, Google made passkeys the default login option for personal Google Accounts. This move effectively exposed hundreds of millions of users to passwordless authentication, creating the largest real-world deployment of passkeys to date.”Unlike Microsoft, Google is not yet advocating for the complete deletion of passwords. But it does say that defaulting to passkeys means users can create complex passwords and multi-factor authentication options that don’t need to be as convenient as SMS. As such, while adopting passkeys is the solution, it only works if you stop using your password — even if a password remains on the account as a back-up. “Google’s approach demonstrates the power of defaults,” Dashlane says. “By making passkeys the path of least resistance rather than an opt-in security feature, Google transformed passkey adoption from a trickle into a flood.”Clearly if your Gmail password is weak or you have checked and found it contained in one or more data breaches, you should reset it. But it’s critical that Google users — on Gmail and other platforms — do not see this a defense against account compromises. Unless you have enabled a non-SMS form of multi-factor authentication on your account, then you should consider that account at risk. While resetting a compromised password is important, adding MFA is muchSimilarly, you’re better spending the time it takes to reset a password on adding a passkey. In just a few seconds you can assure your account is secure. But remember, you still need strong MFA as well, as your password will still enable account access.Google says “passkeys provide the strongest protection. They can never be guessed or reused, helping keep your private information secure against attackers.” The advice here is not to stop using your password because it’s likely leaked, it’s to stop using your password because it’s intrinsically vulnerable to attack. Google assures its users that “passkeys provide the strongest protection against threats like phishing. Once you create a passkey, you can use it to easily sign in to your Google Account," and critically, “unlike passwords, passkeys can only exist on your devices. They can’t be written down or accidentally given to a bad actor." It’s no surprise that Google now leads the way in passkey adoption. “When you use a passkey to sign in to your Google Account,” the company says, "it proves to Google that you have access to your device and are able to unlock it.”
Gmail Breach Gmail Password Leak Gmail Data Breach Gmail Attack Gmail Hacker Google Attack Google Warning
United States Latest News, United States Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
Tip jar theft suspect identified after using store rewards card: Rocky River Police BlotterA Giant Eagle loss prevention officer on Oct. 9 reported the theft of the tip jar from the Starbucks coffee shop located within the store. The suspect had already left the store but used her rewards card at the checkout, so the store and police were able to identify her.
Read more »
Rep. Nancy Mace Accused of Using Profanity Towards Airport PoliceU.S. Representative Nancy Mace reportedly used profanity and criticized Charleston County Aviation Authority Police officers at Charleston International Airport after a miscommunication regarding security escort. Mace's team stated they take her safety seriously due to threats.
Read more »
Do You Suddenly Need To Stop Using WhatsApp After New Attacks?WhatsApp responds to new attacks from Elon Musk and Signal. Are there “security vulnerabilities” and what should you do now?
Read more »
Is Using A Digital ID At TSA Safe?Briley Kenney has written about technology and consumer electronics for nearly two decades. Starting in the days of yore, covering Blackberry, he has a vast array of bylines.
Read more »
Landlords Are Using AI to Make Photos of Nasty Apartments Look Clean and ModernI've been at Futurism since 2017, where my role has evolved to encompass design, writing, and increasingly editing.
Read more »
‘Shark-Hunting’ Orca Pod Using Brutal Trick To Kill Young Great WhitesA pod of killer whales has found a devastating tactic that helps them sink their teeth into energy-rich shark livers.
Read more »