As phishing attacks surge with the rise of AI, Google pushes users to adopt passkeys and social sign-ins for Gmail and other services—calling passwords outdated and unsafe.
June 9, 2025: Google’s Urgent Alert: Ditch Passwords or Risk Getting Hacked — Move to Passkeys Now
Google is issuing a firm warning to its billions of users: stop relying on passwords and even traditional two-factor authentication (2FA) to secure your accounts. In a world increasingly riddled with phishing scams powered by artificial intelligence, the tech giant now strongly recommends switching to passkeys and social sign-ins.
According to a new report in Forbes, Google has observed that 61% of email users have already been targeted by cyberattacks. The company stresses that outdated login methods—especially passwords—are painful to maintain and frequently compromised in data breaches.
What Are Passkeys?
Passkeys are a new method of login that eliminates the need for passwords. Instead, users authenticate themselves using biometric features like fingerprints, facial recognition, or device-level authentication such as PINs or swipe patterns. Google calls this system “phishing-resistant” and says it aligns with how users already unlock their phones.
“It’s important to use tools that automatically secure your account and protect you from scams,” Google emphasized in a statement.
Why Is Google Making This Push?
The growing use of AI in phishing and impersonation scams is making traditional methods highly vulnerable. Instagram head Adam Mosseri recently revealed that he almost fell victim to a phishing attack where scammers used legitimate-looking Google domains and professional English to lure him into changing his password mid-call.
“They asked me to change my password in the Gmail app—and not say it out loud,” Mosseri shared on Threads. Only his prior knowledge of similar scams helped him avoid the trap.
Who’s Adapting?
Younger users, especially Gen Z, are increasingly adopting passkeys and ‘Sign in with Google’ options, while older generations remain tethered to passwords and OTP-based logins.
What Should You Do?
Google advises:
- Enable passkeys for your Google and Gmail accounts.
- Prefer social sign-in options like “Sign in with Google” on third-party platforms.
- Avoid clicking on suspicious links, even if they appear to come from trusted domains.
- Stay updated with Google’s official security alerts and recommendations.
As cyber threats evolve rapidly, ditching passwords may no longer be a matter of preference—it’s a necessity.
Tags:
Google alert, password security, Gmail hack risk, passkeys, social sign-ins, phishing attacks, Adam Mosseri phishing, 2FA vulnerability, Google security update