Google to turn on 2SV by default
 

EMD Tweeted this out earlier today. Google is going to turn on 2SV for 150 million people. I see this as a huge disaster that will inevitably lock out millions of folks. I have to support some aged relatives who have a tough enough time using a regular password, and navigating 2SV would be impossible for them. I use it when I can, but for many this will be a bridge too far for Google stuff. In my experience Google's security prompts on your phone fail frequently, and you have to revert to a backup method. Make sure you have those set up and the phone number and email up to date, and don't forget to save your backup codes!

https://blog.google/technology/safet...re-convenient/

People usually end up doing stupid stuff that hurts more than they realise and they dont care which is sad really......

It's happening:

https://arstechnica.com/gadgets/2021...rolling-users/

I bet if everyone left in protest they wouldnt do stuff like this!

According to what I gleaned, here were I live, tomorrow (7th) is the role out day. I am not happy about this. It looks like the only option is via phone too.

I've been using Gmail/Google since 2003/4. I have a recovery email registered with Google, Why in blazes can't I use that address for this. I had to use that recovery address back in 2012/13 when after about 3 weeks Google finally figured I was not at my normal location and locked me out.

I have a second account that was created for me by an organization I am a member of. This was back in July. I was require to add a recovery email or phone number, I choose email. They can do this for that, why can't they do it for the 2FV,
The was the last email I got from Google to my recovery address:
So it is possible, but I guess they really what my phone number.

IMHO if you want to keep a Google account you MUST include a recovery phone number AND a recovery email address, and keep them up to date. Without those two items you will be locked out someday and they may not give you the option to use your recovery email, one-time codes, or anything else. I was once locked out of my account despite having the backup email, one-time codes, authenticator app, and the Google prompt on my phone, but Google would only send codes to an old phone number I had previously removed from the account. The inscrutable Google recovery process often seems to default to sending a code to the same email address you are trying to login to. But, if you are already logged into Gmail on your phone you may be able to recover the account that way by changing the password or turning off 2SV, which I have had to do before.

TenFour (kind of just want to leave it at that.) :D

I think you are right. What will be interesting is how they will implement this with all devices. What about email client access. Will I have to 2FA each time I connect to check my account.

On the cell phone it shouldn't be to bad since normally you are connected to your Google account all the time anyway. It you logout of you account, I guess anytime you use a Google App such as Maps, you will have to 2FA when you connect. Same for games that use Google Play.

Well... we will soon find out.

If I was a tinfoil hat wearer I might wonder if this is a way for Google to get rid of lots of spam-collecting burner accounts people have set up. Kind of a pain to set up and maintain 2SV for a burner account you only want to check once in awhile.