According to Forbes, Google has issued increasingly urgent warnings for all Gmail users to stop using passwords entirely and switch to passkeys immediately. The company first declared “so long passwords” back in 2023, but new data shows 57% of adults experienced scams in the past year with 23% reporting stolen money. This week’s breach data included 394 million unique Gmail addresses, while Google reports passkey adoption has surged 352% in the past year. The threats are escalating as transnational crime groups, including Chinese organized gangs, misuse AI tools to scale their schemes. Google’s clear advice is to abandon passwords completely in favor of passkeys, which protect against phishing and data breaches.
Why passkeys matter now
Here’s the thing about passwords – they’re basically broken. And we all know it. You reuse them across sites, they get stolen in data breaches, and phishing attacks trick you into handing them over. Passkeys change the game completely because they’re tied to your specific device and require your biometrics or PIN to unlock. That means even if someone gets your username, they can’t access your account without physically having your phone or computer.
Google isn’t alone in this push either. Microsoft actually tells users to delete passwords altogether from their accounts. But Google takes a slightly different approach – they let you keep your password as a backup while paying “closer attention” to any sign-ins that fall back to passwords. Basically, if you switch to passkeys and someone tries to use your old password, it’ll raise immediate red flags.
The human resistance problem
So why aren’t more people making the switch? It’s weird, right? We complain about remembering dozens of passwords and worry about security, but when a better solution comes along, we hesitate. Part of it’s just habit – we’ve been typing passwords for decades. Part of it’s misunderstanding what passkeys actually are.
Look, passkeys aren’t some complicated new technology you need to understand. They’re just a simpler, more secure way to prove you’re you. When you set up a passkey for your Google account, you’re basically telling your phone or computer “only let me in when I’m physically here with my face or fingerprint.” No more remembering whether you used capital letters or special characters in that password from 2018.
Where this is headed
I think we’re looking at the beginning of the end for passwords. The latest fraud advisory from Google makes it crystal clear that the threat landscape has evolved beyond what passwords can handle. Scammers using AI to create more convincing phishing attempts? That’s happening right now.
The 352% increase in passkey adoption Google mentions is telling. People are catching on, but we need to move faster. Your Google account isn’t just email anymore – it’s your photos, your documents, your authentication method for countless other services. Protecting it with a password in 2025 is like locking your house with a screen door.
And honestly, the transition is painless. Google’s original passkey announcement laid out how simple this is, and the latest passkey report shows adoption accelerating across the industry. The writing’s on the wall – passwords are becoming legacy technology, and the sooner we move on, the safer we’ll all be.
