Pointed out that two-step verification of Google account using phone number is harmful for homeless people whose phone number changes regularly



Google requires phone number registration for the purpose of account protection, and users can use two-step verification to prevent unauthorized login by registering their phone number. However, it has been pointed out that homeless people who do not have a home and whose belongings are always at risk of theft or loss may not be able to access their accounts due to two-step verification using a phone number.




With your Google account, you can enable two-step verification using a phone number, another device, physical key, etc. to increase the security of your account. When you set the phone number, authentication using a voice message or SMS is performed.

For those who have turned on two-factor authentication like this and lost their device, there are various recovery methods available, but they may require a different device that you previously signed in with, or enter a backup code. is needed. Twitter user Chad Lauder pointed out that account recovery is difficult for homeless people who have difficulty preparing such alternatives, saying, ``For homeless people, there is no way to access their accounts again.'' I am filing.

The United States has implemented a support program that provides free mobile phones and SIM cards to low-income and homeless people, and many homeless people receive smartphones through this program and use them in their daily lives. However, the loss of belongings is a daily problem for nearly 30 homeless people who Mr. Lauder regularly contacts, and it seems that no one has been able to keep the same smartphone for more than four months. Homeless people receive a new SIM card every time they lose it, so the phone number changes every four months.

Mr. Lauder points out that the problem here is two-step verification using a phone number. Anyone who loses their phone with two-factor authentication turned on, and who has no access to account recovery, will never be able to access the same account again. If you were interacting with the caseworker on Gmail, Mr. Lauder complains that the interaction with the caseworker will stop there because you can not reply from the same address.



In February 2022, Google automatically enabled two-factor authentication for 150 million users, but Lauder said, ``This is why there are more and more poor people who can't recover their accounts these days. It may be one of the

``People without homes are always at risk of losing not only their smartphones but also various personal belongings such as ID cards and medicines,'' Lauder said. Although it has been locked out, the Google team should be the most trusted group to design products that work well for the homeless.'

Even if you enable Google's two-factor authentication, you can turn it off later. In addition, users can use various two-factor authentication methods, such as ' Google Authenticator '.

in Software,   Security, Posted by log1p_kr