What About: Enforced 2-Step Verification for Google Gmail Account? Are you willing to take the "two step"? Has Google become just too authoritarian in its most recent overstep?

[GammaGlobulin]

7 minutes ago, JackGats said:

I don't think so. Once your devices are registered as "trusted devices", you're good to go. Unless you have someone using one of your devices AT THE SAME TIME 1000 miles from where you are, in which case Google might, I assume, require verification. What 2-step does is make sure that your Google account is at least as secure as your device(s). Remember too that if one of your device gets stolen you can "untrust" it from another device.

 

Where it can get confusing is if your are using different Google accounts across several devices and you lose track of which Google accounts are logged in on which device(s).

 

I do not resent 2-step on Google since I use Google drive for my docs.

You have mentioned one important possible snag in this:

 

Some user, probably many potential users, would like to have one Gmail account and two users accessing the same Gmail account on different devices, with each device located in two or more countries.  Let us say China and Thailand, for example.

 

Both users are receiving constant bombardments from Google requesting verification updates.

Both users need to use a mobile device to verify.

 

How would such a scenario work?

 

Is the tiny bit of extra security worth all this trouble?

 

In my view:  I am probably wrong, but I just think that this move by Google is not entirely due to any security issue.

 

Also, as everybody knows:  Nobody can directly ask Google anything.  Google is like God.  Communication only goes one way.  God speaks and we listen.  But when we speak, Google, like God, seems not to listen.

 

I may be wrong.

Just a feeling I get.

 

The closest I get to talking to Google is to speak to people in the Philippines, which is an outsourced service from Google.  The guys over there are just basically put there to hold your hand without providing much real support.  Just a marketing strategy and not a tech solution.

 

I could be wrong.

 

  

 

 

[kokesaat]

"Also, as everybody knows:  Nobody can directly ask Google anything.  Google is like God.  Communication only goes one way.  God speaks and we listen.  But when we speak, Google, like God, seems not to listen."

 

There are options out there.....Tutanota. Posteo. StartMail. Runbox. Mailfence. CounterMail. Proton Mail. Mailbox.org.  Haven't heard of them?  Gmail is a free service for most all their users.....if they want to enforce 2 step verification to protect their business model, that's their call.  

[GammaGlobulin]

Some of us do pay, via a monthly subscription fee, for Google Services, of course.  And we pay for much more than an email server. However, as you say, probably we do not pay enough for the benefit we receive from Google.

 

Alternatively, it is also possible that when a company like Alphabet, Inc. is guided by some guy from the subcontinent who graduated from U. Penn’s Wharton School, then undesirable consequences can happen to any company, meaning the business culture of a company, and culture is crucial.

 

Personally, I have yet to meet a guy from the subcontinent that knows much about teaching.  They know how to code at a low level, true.  However, culturally speaking, compared to the subcontinent guys, the Chinese guys are superstars. Still, teaching is done mostly top-down. And, top-down teaching is not teaching.  Instead, it is called inculcation.  

 

Pichai Sundararajan is just as much a brainiac as was Steve Jobs.  And,Jobs got most of his wifty thinking from the subcontinent.  Jobs was also the guy who tried to cure pancreatic cancer by eating fruit, although not apples. This was not his best business strategy, obviously.

 

As you may recall, when AT&T became super powerful in the US, there were safeguards put in place to ensure that this kind of service, integral to the day-to-day functioning of most members of society, was not disrupted due to short-term plans by megalomaniac brainiacs.

 

Who actually runs Alphabet, anyway?

 

With a company this important to the functioning of the world, then is it not reasonable that we should somehow turn Alphabet into more of a democracy?  Some say that democracy is not a bad thing. Others say that democracy is evil.  And we all know that Google dislikes evil.

 

Google’s business model is now flawed, perhaps?.  Google no longer serves its users, first. Instead, Google is serving whom?  Do you know?  I do not.  Google is completely opaque.

 

Also, is it not the ULTIMATE irony that Google now seems  so concerned with “our” security while Google may not completely protect “our” privacy?  Is this not ironic?  Because, in my mind, privacy is a part of security.  Or, maybe I am wrong?

 

Nobody, these days, is really that concerned about privacy because nobody has any privacy.

 

If nobody has privacy, then everybody is equal.  You remember:  “Two legs good.  Four legs bad.”  It’s like Alphabet soup and animal crackers.

 

Or, more accurately, maybe, Alphabet is more like the Wizard of Oz?

 

I am sure I am mistaken, or, I hope I am mistaken. However, Google, these days, is just a shadow of its former glorious self.  Many of Google’s present users were not yet weaned in 1998.

 

Google is a great company, and one of the greatest in the world.

 

However, these days, now that Google has been renamed Alphabet, such a stupid name, then maybe Googleplex, Mount View, California should be renamed Mount Olypus?

 

Because, as we all can see, this is a Greek Tragedy taking place before us.

 

As we know, when a top-down authoritarian business entity gradually gets out of step with its citizens/users, then nothing works right.

 

Maybe someday soon, Google’s own AI robots will rise up against The Wizards of Oz on Mount Olympus?  Or, maybe Pichai Sundararajan is not himself these days?  Perhaps he is Google’s silicon creation?  

 

Maybe he is the first example of a truly high-functioning humanoid?

 

But, if not, then it will not be long now….

 

 

Edited October 28, 2022 by GammaGlobulin

[soi3eddie]

The damage done by a hack to your Google account can be catastrophic. Imagine you're a YouTuber, a business with GoogleAds, with Adsense, analytics, online documents, presentations, spreadsheets or similar. A hacker could delete and ruin your whole business or income stream forever. 2FA just makes sense. It is not a burden for the protection it gives. 

 

Edited October 28, 2022 by soi3eddie

[Bangkok Barry]

12 hours ago, Dart12 said:

Your cell phone now is an actual spy device against you with the microphone on at all time recording you (yes, this is real).  We actually pay for  and install the government and tech to spy on us for our little convenniences in life.

Ah, an American conspiracy theorist. From Google, who as you surely believe has the time and resources to know everything about everyone, billions of us in fact: According to Consumer Reports, it is technically possible that your smartphone is listening, but not practical. In one study, researchers used an automated test program to analyze over 17,000 popular apps and did not find a single app that activated a phone's microphone and leaked audio data.

Can you provide a link for us that confirms - confirms - your statement? Thanks.

[jaywalker2]

I worry that brokerages in particular will start demanding two-step verification with a phone number. If you're living outside your home country, it might be impossible to comply if your brokerage (or bank) doesn't allow or limits foreign accounts.  Although Google Voice will give you a U.S. number, you have to be in the U.S. to sign up for it. I tried signing up from Thailand and got banned from the service!

[Dart12]

16 hours ago, Bangkok Barry said:

Ah, an American conspiracy theorist. From Google, who as you surely believe has the time and resources to know everything about everyone, billions of us in fact: According to Consumer Reports, it is technically possible that your smartphone is listening, but not practical. In one study, researchers used an automated test program to analyze over 17,000 popular apps and did not find a single app that activated a phone's microphone and leaked audio data.

Can you provide a link for us that confirms - confirms - your statement? Thanks.

Data collection is happening all around you on every device now 24/7.

Where you go

Where you've been.

What you've been messaging about is even open to the platform owners data collection and censorship.

All those TOS that you agree to to use the phone and app you agree to let it happen.  There is no newsbreaking story to write about when it's in TOS you agree to.

All this info is bought and sold in the open market daily. 

 

Hardly a conspiracy or secret.  Sorry to disappoint you.  

 

[sandyf]

On 10/28/2022 at 9:06 AM, GammaGlobulin said:

Just an honest question:  What about if you have multiple devices using the same Gmail account, in more than one country?  What happens then?

It is not a problem, every time I go to the UK I am logged in on one device in Thailand and logged in on 2 devices in the UK.

If there was activity at both locations at the same time you would get a security alert from Google.

[sandyf]

20 hours ago, GammaGlobulin said:

Some user, probably many potential users, would like to have one Gmail account and two users accessing the same Gmail account on different devices, with each device located in two or more countries.  Let us say China and Thailand, for example.

 

Both users are receiving constant bombardments from Google requesting verification updates.

Both users need to use a mobile device to verify.

 

How would such a scenario work?

For 3 years up until Dec 2021 when sadly my friend passed away I was sharing a google account with him, he was in the UK and me in Thailand.

The account was not personal, it was being used to manage a group we both belonged to and I can assure there was no constant bombardment from Google.

You are also wrong to think you must have a mobile device, that is the normal default but there is an option for when the mobile device is not available.

 

A few years back I had a Hotmail account stolen and it was quite difficult to recover, if only Microsoft had thought of 2 stage verification.

[HighPriority]

1 hour ago, Dart12 said:

Data collection is happening all around you on every device now 24/7.

Where you go

Where you've been.

What you've been messaging about is even open to the platform owners data collection and censorship.

All those TOS that you agree to to use the phone and app you agree to let it happen.  There is no newsbreaking story to write about when it's in TOS you agree to.

All this info is bought and sold in the open market daily. 

 

Hardly a conspiracy or secret.  Sorry to disappoint you.  

 

Data collection is hardly the same as “every word you say is being recorded by your microphone”

You're voluntarily with Google… ?

You are the product !

????????

[Bangkok Barry]

2 hours ago, Dart12 said:

Data collection is happening all around you on every device now 24/7.

Where you go

Where you've been.

What you've been messaging about is even open to the platform owners data collection and censorship.

All those TOS that you agree to to use the phone and app you agree to let it happen.  There is no newsbreaking story to write about when it's in TOS you agree to.

All this info is bought and sold in the open market daily. 

 

Hardly a conspiracy or secret.  Sorry to disappoint you.  

 

Can I remind you of what you wrote: Your cell phone now is an actual spy device against you with the microphone on at all time recording you (yes, this is real). 

 

What you write about in this post is something entirely different - data collection which - as you  say - is all pervasive in everyday life and which everyone has to and knowingly accept. Everyone knows that and accepts it as part of being on-line.

 

Next, you'll be writing that our tv is spying on us.

[DezLez]

40 minutes ago, Bangkok Barry said:

Next, you'll be writing that our tv is spying on us.

Actually it very well could be according to these;

Smart TV spying? FBI says the device may be spying on you - CBS News

 

Is Your TV Watching You? How to Stop Smart TVs Spying | Avast

Edited October 29, 2022 by DezLez

[Dart12]

20 hours ago, jaywalker2 said:

I worry that brokerages in particular will start demanding two-step verification with a phone number. If you're living outside your home country, it might be impossible to comply if your brokerage (or bank) doesn't allow or limits foreign accounts.  Although Google Voice will give you a U.S. number, you have to be in the U.S. to sign up for it. I tried signing up from Thailand and got banned from the service!

have someone at home sign up for you or use a VPN

[lopburi3]

On 10/28/2022 at 8:51 AM, Old Croc said:

It's not just Google, others are making it annoying to log in. Lazda for instance now requires an email code check.

That is not required if you use Gmail+ sign in however.

[topt]

On 10/28/2022 at 8:56 AM, GammaGlobulin said:

However, nobody, these days, can opt out of Google services, and this is the difference.

 

Google has become so intertwined with our business and personal lives, almost every minute of the day, that it is now truly impossible for use to extricate ourselves.

Actually that is not 100% correct. 

I have no Google products on either my Android phone or my laptops and don't miss them.

 

Yes of course they still get info via third parties but if one wants to make the effort you can reduce the data they take quite considerably.

 

As others have said MFA in whatever form isn't going away. Even using a vpn nearly every time I log into my UK financial providers they have to send me an OTP.

[Myran]

Stop using the word "authoritarian" if you don't know what it means. If Google should force people to use MFA if they want to use their services, that's a good thing. Way too many people use 123456 as their password and then complain to Google when their accounts get "hacked".

[lopburi3]

4 hours ago, lopburi3 said:

That is not required if you use Google G+ sign in however.

Correct Gmail+ to G+ - original post was wrong and too late to edit.

Edited October 30, 2022 by lopburi3

[jaywalker2]

6 hours ago, Dart12 said:

have someone at home sign up for you or use a VPN

I tried vpn, that's how I had my account suspended.  If I get somebody back in the States to sign up for me, I have to give them my google account password? How does it work exactly,

[fdsa]

the "anti-conspiracy-theorists" will dispute everything you write and any research report you link because nothing confirms your claims.

they will not believe and will make up an excuse even if Google CEO will say on TV "yes we do spy on you".

so to save your time and for the peace of mind just ignore the "anti-conspiracy-theorists" and do not reply to their posts.

[Dart12]

18 hours ago, jaywalker2 said:

I tried vpn, that's how I had my account suspended.  If I get somebody back in the States to sign up for me, I have to give them my google account password? How does it work exactly,

To be honest, I've had mine for 10 years  or so and I'm not sure of the exact process anymore.  But more than likely yeah you'd have to trust someone with passwords to do it for you.

**what vpn did you use?  Some are just plain overused and get warnings in their own right when you use them.  I mean, the sites, etc know you are on a vpn when using that vpn.

[fdsa]

2 hours ago, Dart12 said:

the sites, etc know you are on a vpn when using that vpn.

that's very simple - the target server just checks who owns the client's IP address, and if it is in a datacenter range instead of a home internet provider range then the server either blocks the connection or shows an error on a website "hey you use VPN lol".

the IP ranges database is public, so if some website does not determine that you use a VPN - it only means that the website's owner did not bother to implement the IP check.

[MJCM]

On 10/30/2022 at 2:24 PM, topt said:

 

I have no Google products on either my Android phone or my laptops and don't miss them.

Honest question.

 

how do you load apps then on your Android phone? Not via Google play store?

 

side load? Other “playstore/appstore”?

Edited October 31, 2022 by MJCM

[topt]

1 hour ago, MJCM said:

Honest question.

 

how do you load apps then on your Android phone? Not via Google play store?

 

side load? Other “playstore/appstore”?

Generally I sideload. 

Options could include downloading from the actual company (Eg. Line) or searching F-Droid, XDA, APKPure/Mirror, UptoDown or others. Either directly to my phone or to laptop and copy over by cable.

 

I don't use APK's or F-Droids installers as I am happy to check for updates manually where necessary.

 

I sideload my Android Box as well.

 

Google Play store does not exist on my phone (custom ROM) and is disabled on my Android Box.

[Dart12]

17 hours ago, topt said:

Generally I sideload. 

Options could include downloading from the actual company (Eg. Line) or searching F-Droid, XDA, APKPure/Mirror, UptoDown or others. Either directly to my phone or to laptop and copy over by cable.

 

I don't use APK's or F-Droids installers as I am happy to check for updates manually where necessary.

 

I sideload my Android Box as well.

 

Google Play store does not exist on my phone (custom ROM) and is disabled on my Android Box.

While despising google and limiting as much as I can. Especially for searches for information

There is nothing that compares to their local offline biz search and maps out there unfortunately.  I am currently unable/willing to give those services up at this juncture .  

[Digitalbanana]

I changed wifi hotspot and Google YouTube went thro the two step verification, sent the 6 numbers to my SIM, then after I input that it wasn't enough, it asked 'to really check who I am' by sending a second code to a second SIM! This repeated every time I changed my wifi hotspot.

 

So Google needed TWO sims because I had registered different SIM numbers on YouTube and Google. Fixed that annoyance by going to one SIM only on the profile of each account. but still cannot get around the verification each time I change wifi hotspot using same device.

[NanLaew]

On 10/28/2022 at 9:06 AM, GammaGlobulin said:

Just an honest question:  What about if you have multiple devices using the same Gmail account, in more than one country?  What happens then?

 

Do you think that the Google Gmail AI will be able to distinguish between valid logins, versus bogus logins?  (if you get my meaning)

 

Or, will the user get pummeled with endless notifications to verify, verify, and VERIFY, again!

In my experience, you only need to do the 2FA verification once on each of your non-android devices. I did it on my laptop and my office PC several months ago.

 

At my work which can be in several different countries, if I want to log in to my gmail on a PC that's connected to someone else's network, it's a simple matter of responding to the "Is this you?" request that will pop up on my android phone. As soon as you hit 'yes', the login on the PC is instantaneous. It will not allow you to save your password on those machines (which you wouldn't want to do anyway unless you're a lazy <deleted>).

[GammaGlobulin]

3 hours ago, NanLaew said:

In my experience, you only need to do the 2FA verification once on each of your non-android devices. I did it on my laptop and my office PC several months ago.

 

At my work which can be in several different countries, if I want to log in to my gmail on a PC that's connected to someone else's network, it's a simple matter of responding to the "Is this you?" request that will pop up on my android phone. As soon as you hit 'yes', the login on the PC is instantaneous. It will not allow you to save your password on those machines (which you wouldn't want to do anyway unless you're a lazy <deleted>).

Let's please just wait and see how this issue continues to evolve over the next two years. 

[tgw]

Google was great until approximatively 2008-2010, then things started to go downhill.
If you remember, they had "don't be evil" as a motto, it was visible until about 2014 on their webpage, but was still in their code of conduct. the phrase was ERASED from their code of conduct in 2018.
Today, google maps has ridiculously high prices for API usage, Google adsense for small websites has disappeared, Google adwords became Google Ads and aren't about keyword bidding anymore, instead Google's position is more similar to selling traffic and leads, Google Analytics' version 4 is unusable, etc.
Google has become evil, and in my opinion, has peaked.

 

Their 2-factor policy is incredibly nosy and abusive, I have no interest in letting Google know my phone number or my whereabouts. Email verification is fine.

Edited November 29, 2022 by tgw

[GammaGlobulin]

2 minutes ago, tgw said:

Google was great until approximatively 2008-2010, then things started to go downhill.
If you remember, they had "don't be evil" as a motto, it was visible until about 2014 on their webpage, but was still in their code of conduct. the phrase was ERASED from their code of conduct in 2018.
Today, google maps has ridiculously high prices for API usage, Google adsense for small websites has disappeared, Google adwords became Google Ads and aren't about keyword bidding anymore, instead Google's position is more similar to selling traffic and leads, Google Analytics' version 4 is unusable, etc.
Google has become evil, and in my opinion, has peaked.

 

Their 2-factor policy is abusive, I have no interest in letting Google know my phone number of my whereabouts. Email verification is fine.

YES.

I do recall things starting to go downhill.

I believe that this decline happened concurrently with the declining influence of the founders of Google.

It's a shame, really, because.....

Google was once the Shining Beacon of the Hill, of all companies, Worldwide.

 

Such a shame, truly.

 

I still use Google for important work, and I could not live without things like Google Docs, Sheets, Google Meet, and so much more from Google.

 

However, even more recently, it has become most apparent that Google Search is much less useful for basic research, and it once was super useful.

This is gone.

This is gone, and continually deteriorating.

 

YES,

The original thrill of using Google is gone.

Younger people, these days, are unable to compare today's Google with what Google once was.

 

The thrill is GONE.

 

I totally agree with you!

 

 

 

 

[fdsa]

11 hours ago, GammaGlobulin said:

Google Search is much less useful for basic research

yep, it shows fake amount of pages for a few years already. First it's "99999999999999 results found" but once you scroll to page 5-10 it becomes "228 results found"