Hacker News new | past | comments | ask | show | jobs | submit login

“I place the blame on Google because I didn’t update my recovery address to one that worked”



First, recovery addresses are for recovery when access has been lost. They are an alternate method of entry when the primary method of entry has been lost. They are NOT an extra method of validation to be used for the primary method of entry.

When Google switched from offering 2FA to requiring 2FA, it would have been acceptable for them to require a second form of authentication to be added on the next log-in. It is not acceptable for Google to pretend that they have a second form of authentication when they do not.

Second, up until the moment it was needed, I had access to my recovery address. Google locked me out of my primary address and my recovery address simultaneously.


Did you notice that the issue was that O0P had failed to update the recovery address of their recovery address, and google removed access to both the main email and the recovery email at the same time?




Consider applying for YC's W25 batch! Applications are open till Nov 12.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: