Comment by al_borland
21 days ago
I have a huge problem with companies using their own apps for 2FA.
Google started doing this for Gmail. To use Gmail on my laptop, I need to approve it with Gmail on my phone. I never signed up for this. I’m now afraid if I delete the Gmail app from my phone that I’ll lose access to my email.
I hate the direction “security” is taking us. It’s done in the name of security, but it feels more like blackmail to get and keep the company app on your phone.
Is that a thing Google logins can be set to require? I _can_ use the Gmail app on a device for 2FA, I can also press "try another method" and use any 2FA app.
I guess I’ll have to look. It just started happening one day.
One huge fear I have no is breaking my phone while away from home and getting locked out of everything.
I was on vacation several years ago and broke my phone (the only time I’ve ever done that), and got lucky in several ways. I had a 2nd work phone with me. I was able to use that to call an Uber to get to an Apple Store; I was lucky to be in a city with an Apple Store. Then I got lucky again that I was able to talk Apple into giving me a replacement right there instead of a repair, they happened to have a single phone in stock to do that with. Then I got lucky yet again when I went to set it up, because I had an iPad with me by dumb luck, which was able to do my Apple 2FA that I didn’t sign up for.
If I go somewhere with just my 1 phone and no second device… I’m thinking I need to setup and bring a bunch of recovery codes, which has its own risks. My plan would be to cryptically write them down and put them in a money belt, as if those got into the wrong hands I’d be screwed.
I really don’t know what people do who only have a phone and nothing else. It seems they would always have this risk.
i do like how many apps are starting to play nice with 3rd party authenticators. i use ms authenticator for a bunch of things. Although knowing MS it has some massive license fee for them to support.