Google expected to tweak Gmail security this week

Security key on keyboard

Google is expected to update Gmail this week with a number of security enhancements aimed at reducing the risk of phishing and hacking attacks on users' accounts.

US technology site TechCrunch claims to have been tipped off about the security fixes by a Google insider, and says the new measures could be rolled out as soon as today.

The report goes into detail about two specific changes Google is said to be implementing aimed at better protecting users' account details. The first is an additional line of defence when a user is attempting to access their account on a new computer and has lost or forgotten their password.

The new feature will reportedly allow the user to request a new single-use pass key that will be sent via text message, which they can then enter into Gmail to authenticate themselves and simultaneously lock out all other avenues of accessing the account.

The second fix relates to the implementation of a different version of OAuth for Gmail's contacts exporter, which is used by other services to import Gmail contacts. It's likely that OAuth WRAP will be put forward, with WRAP profiles having a number of important capabilities that were not available previously in OAuth.

According to TechCrunch, the security enhancements are at least partly a response to the perceived vulnerability of Google and other high-profile technology firms in the light of the large-scale cyber attacks that originated in China and targeted around 20 unnamed companies at the turn of the year.

Google has yet to officially comment on the rumoured updates.