Gmail is stepping up its efforts to protect user accounts, and this is the perfect moment to upgrade our security settings. With phishing attacks becoming more sophisticated, Google is urging us to activate two essential features that significantly reduce our risk of falling victim to cyber threats.
Two-step verification is now a must
Google is making two-step verification (2SV) mandatory for all Gmail users, and many of us have already received an email urging us to enable it. This change is rolling out over the next few weeks, and if we don’t activate it within 15 to 30 days, we could lose access to our accounts.
Turning it on is easy: just head to myaccount.google.com/security, enable 2SV, and choose whether to receive a code via text, use an authentication app or plug in a security key. This extra layer makes it incredibly hard for hackers to access our data, even if they know our password.
Go beyond passwords with passkeys
Google is also pushing a more secure login method: passkeys based on biometric data. Instead of typing a password, we can use a fingerprint or facial recognition on a trusted device, like our phone, to access our Gmail account.
Passkeys work by generating a unique public and private key pair, where the private part stays only on our device. This makes it nearly impossible for attackers to intercept or guess the credentials, as no data is shared during the login process.
And if we lose our phone, we can still recover our passkey from another device by signing into Google—no need to worry about being locked out.