Reset your Gmail password now.

Google recommends that users create a passcode for their account. Photo: Reuters .

Most people still use passwords to log into their Google and Gmail accounts. Customers only change their passwords when they lose them or their accounts are hacked.

This is a worrying reality. Many users are hesitant to change their Gmail passwords because they've "used it for 5 years without ever being hacked." However, Forbes suggests that given the current state of cybersecurity, it's only a matter of time before that happens.

“More than 60% of consumers in the U.S. feel that scams have increased over the past year. One-third of them have directly experienced data breaches,” said Evan Kotsovinos, Vice President of Security and Safety at Google. He and leading security experts at the company are urging people to stop using passwords because they are both difficult to manage and easily become targets of phishing attacks.

The company is facing a serious wave of cyberattacks targeting Gmail, particularly from hackers using advanced AI tools. Google has officially warned users to respond and address the issue within 7 days to prevent hackers from gaining access to their accounts.

The world's largest search engine recommends changing your Gmail password now to a passkey method, which offers better data management and protection. "We want to move beyond the password era while ensuring the login process is as simple as possible," Kotsovinos confirmed.

Experts explain that the passcode is phishing-resistant and allows you to log in using your face or fingerprint. When combined with a Google account, this feature allows users to access their favorite websites and apps, reducing the number of accounts you need to manage.

Steve Won, Product Manager at 1Password, explains, “Each passcode consists of two parts. A unique public key, generated and stored on the company’s servers. The other key is private, stored on the user’s device.”

Imagine the public key as a lock visible to everyone, but only the person with the private key can unlock it. The system sends a request, and only those who understand and decrypt it are allowed to continue logging in. “The encryption key is virtually impossible for hackers to guess or intercept, because the keys are randomly generated and never shared during the login process,” Won explained.

According to Forbes , simply put, a passcode is a default form of security that is already very strong, resistant to most phishing attacks, and extremely easy to use. Bad actors cannot simply guess the passcode, nor can they exploit weak or reused password lists as is often the case. In fact, this passcode cannot be stolen or exploited like a leaked password.

The private key will never leave the device, so there's no chance of a mass password attack. Users also can't create a weak passcode, as all passcodes are strong and secure by default, just as they were designed.

To switch from a password to a passkey, go to Google Account Settings, select Security settings, and then select Passkeys. Click Generate passkey and follow the instructions, then verify your identity using fingerprint or facial recognition on your computer or phone.

Source: https://znews.vn/dat-lai-mat-khau-gmail-ngay-post1561127.html