Gmail Account Attack: You Must Enable 2FA

Yesterday we found out that details of around five million Gmail accounts have been acquired via phishing and social engineering. Whilst this isn't related to any security failure on Google's part (the info was captured after tricking users into entering their Google account details into phishing sites) it does emphasise why you need to do as much as possible to protect your online accounts.

Your email is a gateway to resetting passwords to almost all of your other online services - and there's a real danger that you could lose real money as a result.

Gmail's two factor security is pretty good and there is no reason why you shouldn't be using it. It secures both applications and computers; and prevents someone accessing your account even if they have managed to gain knowledge of your password.

So, if you haven't recently changed your Gmail password go and do it now. Then while you're there enable 2-step verification.

You'll be glad you did.