Google Says Your Accounts May Not Be Secure Enough - Here's Why You Should Stop Using Just A Password

If passwords are the centerpiece of your online security strategy, you're not alone. According to a Google and Morning Consult survey, 60% of U.S. consumers say they use strong, unique passwords to keep their accounts safe, even though there are now easier and potentially more secure alternatives available. What's worse, a small but not insignificant number of people admitted to reusing the same passwords across multiple accounts, a practice that makes it easier for cybercriminals to break into several accounts if just one set of login credentials is ever leaked.

Given that passwords have been the standard for decades, it's not surprising that they're still widely used. However, Google is trying to change that. The company is pushing for users to move beyond passwords in favor of newer options like passkeys and social sign-in. Part of the reason for this push is an uptick in online scams, with many of them trying to trick people into giving up their login information. From phishing attacks to fraudulent DMV texts, it seems we can't get a break from scammers trying to steal our information.

Weak, recycled, and stolen passwords are still among the most common ways cybercriminals gain access to our accounts, and even what we think are strong passwords can be compromised — and that's not the only problem. We also have to manage all of those passwords, an overwhelming task that leads many of us to cut corners and choose convenience over security. Instead of trying to create and remember better passwords, Google argues that using passkeys or social sign-in is the way to go. These options make signing in across devices easier and safer while making it harder for bad actors to get into your accounts.

While most people are familiar with alternatives like social sign-ins and passkeys, their daily use is still low. That's why Google is trying to get the word out that these are safe options that are easier to use. Google is encouraging users to replace their Google account password with a passkey. 

With passkeys, you don't have to remember a long string of letters, numbers, and symbols because they're replaced with biometric verification like your fingerprint or face scan from your phone or computer. Since they're stored on your device and aren't typed out, they're much harder for cybercriminals to steal. They're also phishing-resistant because they can't be shared or entered into fake websites the way passwords can.

The company is also making the case for signing in to third-party apps and services using Google accounts through social sign-in. Social sign-in is another way to simplify logins, allowing you to use your Google credentials instead of creating new passwords for every site you visit. You've probably been browsing the web and see the option to create an account with a Google or Facebook account instead of creating a new username/password combination. Doing so can reduce password fatigue and decrease the likelihood of people using the same password across several accounts. Keep in mind that while consolidating access through a single account can make things easier, if your Google account is ever compromised, your connected accounts could be put at risk too.