WingNews logo WingNews
top | item 19627818

(no title)

doughj3 | 6 years ago

> Now, you have one more option—and it’s already in your pocket. Starting today in beta, your phone can be your security key—it’s built into devices running Android 7.0+.

You know, it's nice they phrase this as an "option", but in my experience Google has the habit of forcing me to have my phone on me when I login from a new location / new device, something I never asked for and apparently cannot disable.[0] This has locked me out of my Google account more than once which also locks me out of anything that sends 2FA to my Gmail or Gvoice. I guess I'm thankful that I've learned this in non-emergency scenarios, as I'm now prepping to degoogleify myself, but it's a user-hostile in my opinion. Security always has convenience trade-offs, but let the user decide where they want to draw that line.

[0] https://pbs.twimg.com/media/D3WJ0UdXkAASs_O.png

discuss

order

helloindia|6 years ago

This happened with some of my friends, and locked them out of their gmail accounts(2FA disabled accounts). Google won't let them login to their accounts after providing correct password & SMS OTP.

Remaining options include: 1. give date(month year) of email sign-up, which most don't remember

2. pasword reset over alternate email address, which wasn't set during signup.

The only way for free gmail users to get help is support forum ran by gmail user volunteers, which didn't solve the problem. To me this approach to security, just seem super paranoic.

kkarakk|6 years ago

I think it makes sense to me, security that only works part of the time can be bypassed when it doesn't work.

However i've never encountered a TFA service that let you disable it in certain scenarios so i may be wrong

icebraining|6 years ago

Google has always given me other options, does it really enforce having a phone now?

doughj3|6 years ago

I don't know how they determine what options to offer, but using my phone was the only one given, despite entering a correct password. The only other option, which I either found from the "Learn more" link or after exhausting the "login with your phone" attempts, was to create a support ticket for my G-suite account which, in this case, would have been slower than returning to home a few hours later where I had left my phone.