It looks like you've attempted to sign in using an old password. If you remember changing your password, just sign back in using your most recent password. If you remember changing your password but have forgotten your new one, you can regain access to your account by going to our password assistance page.
If you don't remember changing your password, someone else might have accessed your account and changed your password. In some cases, your previous recovery email or phone might be available on the password assistance page for resetting your password. If that's not the case, you'll have the option to fill out our account recovery form to verify your identity and reclaim your account.
To show this message, Google needs to store your old password (actually, a password hash, since Google doesn't store the actual password). This is probably useful if someone managed to access your account and changed the password. Obviously, you'll still try the old password and you won't understand why it no longer works.
{ Thanks, Venkat and Brandon. }
haha. you should edit the title to add hash to it! it's sensational right now. :)
ReplyDeleteAgree with Sushubh: that title isn't good at all. It will do nothing but scare people who only read the title of posts before starting to spread false rumors...
ReplyDeletewhy? just a small check like "IF password WRONG AND datepwdchange < 10 THEN display that generci message" will work. You could say that Google stores passwords if it would give you the abilityi to effectively restore it, not just because it knows WHEN a pwd was changed...
ReplyDeleteGoogle's just storing the last date when you changed your password. :p
ReplyDelete@Sushubh, John:
ReplyDeleteI replaced "stores" with "remembers" to make it clearer.
@Tambu, Manish:
Not true. The message is only displayed when you enter an old password.
Any security system worth its salt (pun intended) is going to keep a history of old password hashes in order to prevent the user from re-using old passwords. This fairly standard security measure would be impossible without such a history. Google is simply making additional use of this history to the user's benefit.
ReplyDeleteNice. But how to restore account in case some hacker deletes it?
ReplyDeleteFacebook does the same thing
ReplyDeleteThank you for this information I appreciate it. Have you heard about Acai Berry Select? Its wonderful.
ReplyDeleteI see no harm in that. Active Directory services usually store last 20 password hashes for security reasons ;)
ReplyDeleteAnd yet, Google blocks you from reusing a password... maddening.
ReplyDeleteThis is really nice for instance when your account got hacked you can be sure that there is something suspicious not just you forgot the new password. It's small but rally good security improvement
ReplyDeleteI did not change the password for my gmail account, and I am pretty sure that it has been hacked by someone (the same email id and password I used for one more website, which is also not working). I tried all the ways to recover to the account, but failed. After providing the recovery email, or secondary email id which we provide for back up, it sent a password reset link to that account. After going through it, it resulted in creating a new gmail account instead of recovering the existing one. It would be really great if anyone can suggest me how to recover the gmail account, or address this issue.
ReplyDeleteMany thanks in advance.
This is interesting, but how do you get google to remember your new password without having to retype it each time.
ReplyDelete