Gmail prompt to provide phone number sounds like a threat
- anteaters ( @anteaters@feddit.de ) 27•1 year ago
Google can close your email account down at any time for any stupid reason they like and their nonexistant support will leave you standing in the rain without access to years of mails. Switch to a paid mailer with actual support ASAP
- KevonLooney ( @KevonLooney@lemm.ee ) 22•1 year ago
No it doesn’t. It means that your email is encrypted and they don’t have a way to unlock it. If you don’t add recovery info or print out your unlock codes, you will lose access. Just like it says.
2FA is more secure.
- The Hobbyist ( @TheHobbyist@lemmy.zip ) 34•1 year ago
What are you talking about? Google is not encrypting their emails, where did you get that info from?
- nbailey ( @nbailey@lemmy.ca ) English11•1 year ago
Yeah, this has nothing to do with encryption, it’s because they refuse to have a support division that would be able to get people back into their accounts.
- stratoscaster ( @stratoscaster@lemmy.zip ) English7•1 year ago
What? No, that’s the whole point of 2FA. There is literally no other way to verify authorization otherwise because it’s by-default incapable of verifying identity.
Knowing the previous password doesn’t help because those are often found in password dumps.
This is true of any email service.
- Madlaine ( @Oszilloraptor@feddit.de ) 7•1 year ago
2FA is just a second password and has nothing to do with encryption. Can simply be removed.
They could bypass this authentication without problems, if they want. I lost my phone and my google business account got restored regardless of 2FA. It’s just a button for the support. The problem is the identification, especially of private customers (dunno if they would even do that).
Encryption passwords aren’t time-based either, they must be static.
- hemko ( @hemko@lemmy.dbzer0.com ) English5•1 year ago
Yes but that has nothing to do with the data being encrypted and Google not having access to it. Their whole business runs around them having too much access to user data.
And yeah before you say anything, yeah the data is probably encrypted at rest which means nothing in this case.
- pe1uca ( @pe1uca@lemmy.pe1uca.dev ) 7•1 year ago
Is it really encrypted?
I’m guessing it’s only for the account recovery to reset your password which should be hashed.
- Blizzard ( @Blizzard@lemmy.zip ) English12•1 year ago
Is it really encrypted?
Of course not, Google has full access to your e-mails and uses it the whole time.
- ono ( @ono@lemmy.ca ) English21•1 year ago
Can confirm.
Google locked me out of my account for not giving them my phone number. Even though I used the correct password. Even though I verified myself through the recovery email, which has been the same for ages. Even though I wasn’t using a VPN or connecting from a public network. Even though there was no reason to think my account or credentials were compromised.
They are, in fact, extorting phone numbers from people.
Thankfully, I don’t depend on my google account for anything, but I’m still stuck receiving spam forwarded by gmail, because I can’t log in to turn off forwarding. (I’ll probably have to filter it out at some point.) I honestly hope they just delete my account after some months without a phone number.
- Skull giver ( @skullgiver@popplesburger.hilciferous.nl ) 5•10 months ago
[This comment has been deleted by an automated system]
- ono ( @ono@lemmy.ca ) English2•1 year ago
This has nothing to do with compromise,
Clearly.
they just don’t want to deal with this many bot accounts.
Whatever excuse they might have doesn’t change the fact that they are extorting phone numbers from people.
- phoenixz ( @phoenixz@lemmy.ca ) 1•1 year ago
2 years and it’ll be deleted.
I still have a Gmail account but I’m trying better solutions… Maybe my own hosted system. Whether I pay google or a hosting company with open source software is the same money, the latter means privacy
- lemmyvore ( @lemmyvore@feddit.nl ) English6•1 year ago
Get your own domain and use migadu.com. The starter plan is $20/year.
For extra privacy get a domain in .de, .be, .fr, or .nl, their registries protect owner data automatically.
If you’re also looking for a registrar check out INWX.
- QuazarOmega ( @QuazarOmega@lemy.lol ) 17•1 year ago
Ransomware is getting smarter by the day!
- tim-clark ( @tim-clark@kbin.social ) 11•1 year ago
Users are getting dumber by the day!! Half the comments in privacy imply users don’t know what they are talking about and need to see a therapist
- stratoscaster ( @stratoscaster@lemmy.zip ) English3•1 year ago
Really though people just don’t understand the point of 2FA. There is 0 other way to verify identity. Just use a burner number if you’re so paranoid sheesh lol
- QuazarOmega ( @QuazarOmega@lemy.lol ) 1•1 year ago
You couldn’t glean the sarcasm from my comment?
I know that 2FA is important for security- tim-clark ( @tim-clark@kbin.social ) 4•1 year ago
No, based on the silliness i see in privacy. The /s is useful and to deny its usefulness is ignoring the reality of human 2d communication.
- QuazarOmega ( @QuazarOmega@lemy.lol ) 2•1 year ago
Alright, that’s a good point, I’ll make use of it more
- tim-clark ( @tim-clark@kbin.social ) 2•1 year ago
Totally agree it is a pain to use it. Just helps with clarity for everyone
- fidodo ( @fidodo@lemm.ee ) 16•1 year ago
Have you people never heard of a phone book? Phone numbers aren’t sensitive information. If they want to scrape your phone number they can legally and trivially do so through public data sources. Google does plenty of sketchy things around privacy, but this isn’t one of them, it’s just about security.
- Rodeo ( @Rodeo@lemmy.ca ) 2•1 year ago
Man I haven’t even seen a phone book in at least 10 years. Do they actually still exist?
- sculd ( @sculd@beehaw.org ) 13•1 year ago
At this point I would say stay away from all Google services.
I even moved away from Gmail. It’s very liberating.
- happyhippo ( @happyhippo@feddit.it ) 4•1 year ago
For all valid reasons for moving away from Google services, this just ISN’T one, as other comments already pointed out.
- sculd ( @sculd@beehaw.org ) 1•1 year ago
I agree. But just wanted to say that plenty of email service providers do not require a phone number.
Using authenticator for 2FA is also better than SMS.
- Enitoni ( @enitoni@beehaw.org ) 3•1 year ago
I’m slowly moving over to Proton and with the integration of SimpleLogin I’m starting to finally feel in control of my inbox.
- Fleppensteyn ( @Fleppensteijn@feddit.nl ) 11•1 year ago
Creating a new Google account isn’t even possible without a phone number anymore. I had a new account which I didn’t use in a while and it decided I need some old phone number to confirm my log in. There’s no way to log in, recover or delete the account. There’s no way I’m putting my daily account to that risk by giving them whatever phone number I have now
- 𝒎𝒂𝒏𝒊𝒆𝒍 ( @maniel@lemmy.ml ) 10•1 year ago
BuT cOrPoRaTiOnS tRaCk YoUr LoCaTiOn If yOu GiVe ThEm YouR nUmBeR
Like they’d need your phone number to do that when you probably already have a smartphone with Facebook installed
- MonkderZweite ( @MonkderZweite@feddit.ch ) 9•1 year ago
when you probably already have a smartphone with
FacebookPlay Store/Services installed- 𝒎𝒂𝒏𝒊𝒆𝒍 ( @maniel@lemmy.ml ) 2•1 year ago
that was vaguely implied by “smarphone”
- library_napper ( @library_napper@monyet.cc ) 4•1 year ago
Some of us don’t install proprietary software…
- 𝒎𝒂𝒏𝒊𝒆𝒍 ( @maniel@lemmy.ml ) 1•1 year ago
i was pointing at lay-user of smartphones that don’t want to give facebook or google their phone number while they are already spied on by countless companies with Google and Meta among them,
same people probably have pasted some appropriate clause on their facebook
- Blizzard ( @Blizzard@lemmy.zip ) English7•1 year ago
You could lose access to your X years of Gmail history with 2FA enabled if you lose your phone.
- AdmiralShat ( @AdmiralShat@programming.dev ) English7•1 year ago
I hate how reliant I’ve become on my Gmail. My banking, all my accounts, my job, etc.
I think email should be regulated, because of how much of the modern world relies on them and you can get fucked over and locked out super easy, and trying to change the email on some services isn’t just hard, it’s impossible
Regulation is slow, full of drama, scales poorly, & can result in a legal thicket that teams of lawyers can navigate better than the individuals it’s intended to advocate for. Decriminalizing interoperability is faster & can handle most of the small/simple cases, freeing up our community/legislative resources to focus on the most important regulatory needs.
- metaStatic ( @metaStatic@kbin.social ) 5•1 year ago
Thanks for reminding me to backup my emails locally and forward my gmail to proton, Good guy google.
- w2tpmf ( @w2tpmf@kbin.social ) 6•1 year ago
Your proton account is susceptible to the same problem if your password gets compromised and you don’t have a backup access method registered.
- lemmyvore ( @lemmyvore@feddit.nl ) English4•1 year ago
Use an authenticator app. No need for phone number.
- HisNoodlyServant ( @HisNoodlyServant@beehaw.org ) 4•1 year ago
Didn’t help me when my account got locked. Had 2fa and all the info they wanted and never got the account back. Fuck google.
- Endorkend ( @Endorkend@kbin.social ) 3•1 year ago
This isn’t actually about your phone number.
I got the same message because I do have my phone listed in there, but don’t have a recovery email address listed.
Using someone else’s computer for receiving your mail… That’s quite cringe !
- patchwork ( @patchwork@lemmy.dbzer0.com ) 1•1 year ago
With all do respect friend, I’m assuming most of us here that really care about privacy ditched Gmail very early in our privacy journey. I think virtually every policy Google enforces, including phone validation has some element of data collection in mind. We can debate whether providing the phone number is an information grab or a security measure, but I’m fairly certain it’s both to some degree. If one cares enough about privacy to post in this community please start looking for a privacy respecting email provider, then start abandoning Google services like the plague at a pace you can tolerate. Don’t move too fast on your journey, the inconvenience is rough, but liberating your digital life is priceless one step at a time.