Gmail email security options, should i only have 1 instead of 3 setup?

By SnoopZ
in Smart Home, Network & Security

 Share

Recommended Posts

Grand Master

SnoopZ

Posted
Posted

I've been reviewing my Gmail accounts which only had a weak password for logging in, these have been changed via Bitwardens generator so it's completely random and i have also set the MS Authenticator app on my 2 mobile devices.

My confusion is now i have also setup other login security options as below and im concerned whether i should disable these and just rely on the MS Authenticator app?

Access to my mobile devices is via biometric fingerprint.

Should i remove the below options or keep them, my recovery options are text message and backup email.

Text code to phone (isnt this bad if my number got spoofed?)

Google Prompts to both mobile devices

 

 

Grand Master

+Warwagon MVC

Posted
  • MVC
Posted
On 11/03/2023 at 08:12, SnoopZ said:

Should i remove the below options or keep them, my recovery options are text message and backup email.

Text code to phone (isnt this bad if my number got spoofed?)

Google Prompts to both mobile devices

The odds of your phone being spoofed is slim, but it's also the weakest link. Personally Once I enable an authenticator, and backup all the QR codes  (in case I have to restore my athenticator on a different phone) Then I disable sms

I also print off a list of backup codes, but to my surprise those codes are pretty worthless. Yes they will act as an authetnicator code, but then Google also says they sent you a verification code to an email address you are trying to get into ..WTF Google.

I also recommend adding the authenicator to all your devices, phones and tablets.

Grand Master

SnoopZ

Posted
  • Author
Posted (edited)
On 11/03/2023 at 19:02, Warwagon said:

The odds of your phone being spoofed is slim, but it's also the weakest link. Personally Once I enable an authenticator, and backup all the QR codes  (in case I have to restore my athenticator on a different phone) Then I disable sms

I also print off a list of backup codes, but to my surprise those codes are pretty worthless. Yes they will act as an authetnicator code, but then Google also says they sent you a verification code to an email address you are trying to get into ..WTF Google.

I also recommend adding the authenicator to all your devices, phones and tablets.

I've mirrored ms authenticator to my 2 mobile devices can't stand Google authenticator with no biometric login, I've got recovery emails setup too so I will disable SMS.

What about device prompt login, that kind of makes everything else pointless doesn't it?

Grand Master

+Warwagon MVC

Posted
  • MVC
Posted
On 11/03/2023 at 13:15, SnoopZ said:

I've mirrored ms authenticator to my 2 mobile devices can't stand Google authenticator with no biometric login, I've got recovery emails setup too so I will disable SMS.

What about device prompt login, that kind of makes everything else pointless doesn't it?

It does and it doesn't. I was recently helping someone who had their account compromised and it was kind of a cat and mouse game to get control of it again. In the process what I realized, is it's very easy to accidentally click allow login when that prompt appears for someone else to log in. I much prefer the much more deliberate authenticator code.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.