alt Hacker NewsOP triggered every possible red flags for suspicious account takeover in Google systems: deleting his recovery phone number, moving to another country and cellular provider. And then he gets surprised that the account is in 30 day cool down period??? I don't understand people sometimes.
Replies
They didn't willfully delete their recovery phone number. They tried to delete a shitty, known-broken 2FA mechanism after they had set up passkeys. Poor UX conflated the two things, so their recovery phone number ended up being deleted. This is 100% on Google.
Why the fuck would Google care in which country I live? It's a personal decision, and no corporation should have any say in this. They certainly don't have to flag an account for that, especially not if the account has 2FA enabled. This is on Google, too.
Your comment is victim blaming.
Have backup codes, Passkey, access to the said number, same laptop logged in, phone logged in, recovery email address access and nothing works...