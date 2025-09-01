If you have a Gmail account, you should at least change your password now. Gemini @blue News

In light of an increase in successful cyberattacks on Gmail accounts, Google is urging account holders to change their password and activate two-factor authentication. What's behind the hacking activity.

Martin Abgottspon

No time? blue News summarizes for you Google has issued a warning to all Gmail users after hackers breached an unknown number of accounts.

To minimize risk, Google strongly recommends changing your password, enabling two-factor authentication and reviewing your personal account management.

The use of the Google password manager is viewed critically, as attackers who gain access to the Gmail account also gain access to all passwords stored there. Show more

Google has issued an urgent warning to users of its email service Gmail. According to reports, hackers have managed to compromise a large number of Gmail accounts. In light of the potential threat to over 2.5 billion active accounts, the tech giant is urging all users to immediately review and strengthen their security measures.

The warning, which was originally picked up by Android Headlines, underlines the severity of the situation. A Gmail account often serves as a central key to numerous other online services, especially for the many Android smartphone users. The successful attacks could therefore have far-reaching consequences. Google recommends that users immediately check their account management to identify unknown login attempts or password changes. This area is easily accessible via the profile picture in the Gmail app.

Password change and two-factor authentication

As a primary protective measure, Google recommends changing your password and ensuring that it is highly complex. Ideally a mixture of upper and lower case letters, numbers and special characters. However, a password alone is no longer sufficient. Google urges users to activate two-factor authentication. This additional layer of security can be implemented using various methods:

Passkeys: the most secure method, which enables identification via fingerprint or facial recognition.

Confirmation codes: A code is sent via SMS to a stored phone number.

Authentication apps: Use of a separate app to generate unique codes.

You can use these security tools from Google Security check : With the security check, you can check at a glance whether you have activated all available security functions for your Google account, for example 2-factor authentication. It also lists security-related activities such as new logins and which third-party apps have access rights to your account.

Password check : You can use this tool to check the security of the passwords stored in your Google account. It checks whether you have been hacked, how secure your passwords are and which of them you use more than once. Advanced

Security program : According to Google, this additional program is for users "who are at increased risk of online attacks due to their media presence or notoriety". However, anyone can sign up for it. The program restricts third-party apps from accessing the Google account and protects against malicious downloads. All logins then only work with a passkey or analog security key.

Passkeys: Passkeys use biometric data such as fingerprints and facial recognition or the screen lock to log in. They are considered better security than the classic password. You need your cell phone, laptop or tablet to add a passkey to your Google account. Show more

Criticism of the Google password manager

A critical point that is discussed in this context is the use of the Google password manager. Although this service is convenient, it poses a significant risk. If attackers crack a Gmail account, they simultaneously gain access to all the passwords stored there. This gives them access to the user's entire digital identity. Security experts therefore recommend using independent password managers to secure passwords separately from the Google account.

Apart from the current attacks, Google warns of a general increase in phishing attacks, in which criminals attempt to steal login details through fake emails, text messages or phone calls. Users are therefore urged to remain vigilant in everyday life and to ignore suspicious messages in the name of Google Support. The latest incidents show that security in the digital space requires constant attention.