There have been a lot of such threads on HN already. People should stop trusting Google.
https://news.ycombinator.com/item?id=22705122
https://news.ycombinator.com/item?id=17428707
https://news.ycombinator.com/item?id=9768593
https://news.ycombinator.com/item?id=19513501
https://news.ycombinator.com/item?id=30677471
https://news.ycombinator.com/item?id=350968
https://news.ycombinator.com/item?id=24709282
(Some of those threads also have related advice.)
There’s a lot of reasons to get mad at Google. Not setting a recovery email is not one of them.
I feel bad for this person because it’s a horrible place to be stuck in, but even if Google had great customer support allowing people to reset passwords over chat / phone would be ripe for abuse
I actually have no reason to be stuck here because all these years, I was easily able to reset the password by verifying with a code on my phone number. It does send a code now as well, but then it's asking me to also verify the code being sent to the same email.
In my case I had a recovery email set for my account and knew the password. I didn’t have any 2fA on but when I would try to log in Google just decided it didn’t recognize me and I needed phone verification - it wouldn’t use my recovery email. I had lost access to the number they were trying to use so I am forever locked out. I’d even get attempted login prevented emails at my recovery email.
Similar experience with one of my accounts and it seemed totally absurd that me giving them a phone number that has never been used for the account somehow verifies that I am the owner. It's clearly an attempt to extract more data from a desparate user.
> In my case I had a recovery email set for my account and knew the password.
Same here, the only thing I did wrong was use Linux + Firefox + change country
edit: it was a great lesson though got me out of google products after that, everything bar Android itself and very rare niche searches (hoping linux phones get good enough for daily drivers)
Just to chime in, Google will happily ignore your recovery email if your fingerprint has changed significantly. This happened the last time I moved, and it's very irritating.
As an aside. I have made it a point to simply login to my google sock puppet accounts annually from my desired location simply to avoid these such lockouts.
Their primary denominator seems to be ISP. I also use a linode instance for many as wel. Gives me two locations.
Disclaimer: I don’t think anyone can really speak to the google ai, decision making process. But I do know at least one appeal has silently been allowed in my case.
I recently had my phone repaired by Google - it was not damaged at all, but the screen had started turning black. This is covered by warranty. After I sent it to them they claimed it had a cracked screen - it didn't, so I asked for proof.
They could not send proof, relented, and said that it did not actually need a repair. They also said I had to pay for a new screen anyway as but they would refund it after repair. After a while I paid for their lie, then waited for my phone.
It was returned after a week, but they refunded the money minus tax. I complained, and now, after over 120 correspondences, I do still not have my money back.
I will never get my money back.
I had not one but two 'under warranty' problems with my Pixel 5 that they acknowledged but because I'm not in the country I bought it in, (and I haven't been back there since COVID began) they wouldn't repair it.
Since one of the problems was with the logic board it was not even really possible for me to pay for a repair in a reasonable way.
I ended up buying a pixel 4a, because I didn't want to switch ecosystem, so went for the cheapest Google phone. Might not be able to avoid giving Google/Apple money, but I can certainly avoid buying the flagship devices.
You can consider a GNU/Linux phone (Librem 5 or Pinephone) to escape Google. It's not for everyone yet, but the HN audience probably could use one.
I would definitely consider these phones, but I'm a digital nomad, so having multiple sims (e-sims) is a must, it doesn't look like either support it yet.
It's hard to break free of Android/iOS as well. I can almost guarantee that one or more apps, for example 2FA auth apps like Duo or Okta, wouldn't be usable on the GNU/Linux (I don't really know enough about them to be certain about this statement).
At least for Duo, you can extract the HOTP secret [1] and use it in any OATH tool, e.g. with the otp extension of pass(1) on GNU/Linux (which uses uses oathtool(1) underneath). You can also do it a more difficult way, e.g. using the Duo app under anbox.
1. https://github.com/simonseo/nyuad-spammer/tree/master/spamme...
People should set up one of the million ways to recover your Google account... SMS, email, recovery codes, "tap yes on your Android device", I'm sure I missed some. If you pay for Google One, you get phone support, it's not expensive. If you're an AdSense customer or have an account rep, you can use that to get in touch with people.
There's no excuse not to if you have an account that has monetary value tied to it. You lose your rights to whine if you're careless with your online identity and get screwed over because of it.
I have SMS setup, but it still asks me to verify the code being sent to the same email.
Thanks for the resources. I have already started moving away from Google because I've read nightmare filled stories about people getting locked out for various reasons.
I never thought it would happen to me in this manner. It makes no sense that it's asking me to verify the code from an email that I'm telling them I don't have the password for. Even when I have a recovery phone number set on the account.