Online Reporter
Jacqueline Ntaka, [email protected]
GMAIL users are seeing a growing number of security upgrades as Google steps up efforts to protect accounts from cybercriminals, phishing scams and data breaches.
With billions of people relying on Gmail for both personal and business communication, the tech giant is placing greater emphasis on stronger authentication methods and smarter tools that can detect threats before they cause harm.
One of the biggest changes is Google’s continued push towards passkeys, which are being promoted as a safer alternative to traditional passwords.
Unlike passwords, which can be stolen, guessed or leaked in data breaches, passkeys are linked to a user’s device and are unlocked using fingerprints, facial recognition or a PIN.
Google says this approach is more resistant to phishing attacks because users cannot be tricked into entering a passkey on a fake website.
For users, this means logging into Gmail could soon become both simpler and more secure. Instead of remembering complex passwords, users can sign in using the same method they use to unlock their phones or computers.
Security experts believe this could significantly reduce the number of successful account hacks, particularly those involving phishing emails and fake login pages.
Google is also strengthening protections beyond the login stage. The company has introduced and expanded technologies such as Device Bound Session Credentials (DBSC), which are designed to prevent criminals from stealing authentication tokens and taking over accounts after a user has already signed in.
This addresses a growing threat where hackers bypass passwords altogether by stealing session information from infected devices.
Another important area of focus is scam detection. As cybercriminals increasingly use artificial intelligence to create more convincing fraudulent emails, Google is investing in smarter security systems that can identify suspicious activity and warn users before they fall victim to scams.
The company has acknowledged that online fraud is becoming more sophisticated, making proactive protection more important than ever.
Google is also encouraging users to move away from less secure methods of two-factor authentication, particularly SMS verification. Security specialists have long warned that text-message authentication can be vulnerable to interception and SIM-swap attacks. Instead, Google recommends app-based authentication and passkeys as stronger alternatives.
For the average Gmail user, these changes may seem minor, but they could make a significant difference.
Email accounts often serve as the gateway to banking platforms, social media accounts, online shopping profiles and cloud storage services.
If an attacker gains access to a person’s email account, they can often reset passwords for numerous other services.
Ultimately, Google’s latest security push reflects a broader industry shift towards a passwordless future.
While passwords are unlikely to disappear overnight, the company is making it clear that stronger, device-based authentication will play a central role in keeping users safe online.
For Gmail users, that means better protection against an increasingly complex digital threat landscape and greater confidence that their accounts are secure.
*Jacqueline Ntaka is the CEO of Mviyo Technologies, a local tech company that provides custom software development, mobile applications and data analytics solutions. She can be contacted on [email protected]
