Conversation

This Tweet is from a suspended account. Learn more

Replying to

and

If you're technical and don't want to have customer support able to recover the account for you then landing.google.com/advancedprotec is the best way to enable 2-factor authentication. You need to have at least 2 security keys and can't use other weaker 2 factor authentication methods.

landing.google.com

Google Advanced Protection Program

The strongest account security made to protect the personal data and information of people most at risk of phishing, hacking and targeted digital attacks.

This Tweet is from a suspended account. Learn more

Replying to

and

Advanced Protection Program is more than 2FA and is something that isn't offered by other sites. I can't see the normal UI because I have it enabled. It only allows me to add security keys not other mechanisms like app-based, SMS, recovery codes, Google prompt, etc.

This Tweet is from a suspended account. Learn more

Replying to

and

Just be aware the Advanced Protection Program is a lot more than only being able to login via security keys. It also prevents granting arbitrary apps access to account data and you don't have the option of using app passwords for legacy apps without modern auth workflow, etc.

This Tweet is from a suspended account. Learn more

Replying to

and

I'm suggesting using it for further security beyond simply using 2FA. You can set up 2FA without SMS without Advanced Protection. Advanced Protection is largely about getting rid of the customer support backdoors and eliminating other ways around proper authentication like that.

This Tweet is from a suspended account. Learn more

Replying to

and

That's the workflow they have for non-technical people aimed at minimizing the amount of people recovering accounts via customer support. I'm fairly sure you can enable non-SMS 2FA without that even without Advanced Protection. I don't think I ever had SMS recovery/2FA enabled.

Replying to

and

The issue is that they have at least 3 workflows: the one for non-technical users, a more hidden way for people to set things up in a more specific way and then Advanced Protection Program for journalists, activists, etc. or other people with accounts that are high risk.

9:16 PM · Mar 26, 2021Twitter Web App

This Tweet is from a suspended account. Learn more

Replying to

and

Yeah, I get the complaint. I have similar complaints about nearly every site with 2FA. landing.google.com/advancedprotec avoids all the issues for Google though. You need to have at least 2 security keys and may want to have another one as an off-site backup but other than that is trivial.

landing.google.com

Google Advanced Protection Program

The strongest account security made to protect the personal data and information of people most at risk of phishing, hacking and targeted digital attacks.