Google has issued a strong advisory, confirming that a significant 61% of Gmail users are vulnerable to cyberattacks and need to upgrade their account security immediately.
This announcement, initially reported on June 6th, 2025, highlights the increasing risks associated with outdated security measures. The tech giant emphasizes that relying on traditional passwords and two-factor authentication (2FA) is no longer sufficient in today’s threat landscape.
The Password Problem
Google explicitly warns that “passwords are not only painful to maintain but are also more prone to phishing and often leaked through data breaches.” This vulnerability extends beyond Gmail, impacting all Google services and any platform where you use your Google account for login.
The Rise of Passkeys
The recommended solution? Passkeys. Google is actively promoting passkeys as a more secure and user-friendly alternative to passwords. “Passkeys are phishing-resistant and can log you in simply with the method you use to unlock your device (like your fingerprint or face ID) — no password required,” Google explains.
Using passkeys streamlines the login process and significantly reduces the risk of credential theft. By linking your account to your device, you transform your smartphone or tablet into a digital key.
Gen Z Leads the Way
Interestingly, younger users are already adopting these advanced security measures. According to Google, “Digitally-native Gen Z users are bypassing outdated security norms like passwords, opting for more advanced authentication tools” like passkeys and social sign-ins.
Why This Matters Now
Cybersecurity firm Check Point reinforces the urgency, stating that “breaches are not a matter of if but when.” They emphasize that attackers often gain access through stolen credentials obtained through phishing, social engineering, or brute force attacks. Once inside, they can move laterally, escalate privileges, and exfiltrate data, often undetected for months.
What You Need to Do
Google encourages all users to take immediate action to upgrade their account security. Here are the key steps:
- Enable Passkeys: Transition from passwords to passkeys for a more secure login experience.
- Review 2FA Settings: If you must use 2FA, avoid SMS-based verification and opt for authenticator apps or Google prompts.
- Limit Password Reuse: Use unique, strong passwords for all your online accounts, or better yet, switch to passkeys wherever possible.
By taking these steps, you can significantly reduce your risk of falling victim to cyberattacks and protect your valuable data.
Microsoft’s Bold Stance
Even Microsoft is advocating for a password-less future, urging users to delete passwords altogether to eliminate potential vulnerabilities. While Google doesn’t yet offer this option, embracing passkeys is a crucial step in that direction.
Don’t wait, upgrade your Google account security today!