That's the workflow they have for non-technical people aimed at minimizing the amount of people recovering accounts via customer support.
I'm fairly sure you can enable non-SMS 2FA without that even without Advanced Protection. I don't think I ever had SMS recovery/2FA enabled.
The issue is that they have at least 3 workflows: the one for non-technical users, a more hidden way for people to set things up in a more specific way and then Advanced Protection Program for journalists, activists, etc. or other people with accounts that are high risk.
Yeah, I get the complaint. I have similar complaints about nearly every site with 2FA. landing.google.com/advancedprotec avoids all the issues for Google though. You need to have at least 2 security keys and may want to have another one as an off-site backup but other than that it is trivial.
For Advanced Protection, the initial 2 security keys need to be physical standalone keys.
Once you've set it up, you can add phones with hardware keystores as additional security keys.
It's based around not wanting people to get very easily locked out of their accounts.
Yeah, it uses the phone's HSM as a proper security key including physical confirmation being required to authorize it being used.
It's a real mess without Advanced Protection because there are so many 2FA methods including using phones as software 2FA rather than hardware 2FA.
On Android, it uses developer.android.com/training/artic when available which is the Titan M for Pixels or the Qualcomm SPU for devices like modern flagship Samsung phones.
For older, non-Pixel phones, they use the traditional TEE-based hardware keystore.
Both have physical confirmation.
