NOTE: I had forgotten that they never call you on their own—you have to request it.

It’s hard to keep track of everything you need to look out for, especially when something like this happens unexpectedly. As a busy person, I found it difficult to think straight in the moment, and this really threw me off.

Here’s what happened: I got two calls, one of them claiming to be from Google. They directed me to support.google.com when I said I didn’t trust them.

Eventually, I was able to see the phone number on my device and cross-referenced it with the number listed on Google’s phone call assistant. The numbers matched.

At that point, I ended up giving them the verification codes. After the call ended, I logged back into my Google account, and it prompted me to create a new password. I set a new password, but they had also provided me with a “temporary” password, which I didn’t use.

When I set my new password, I think I caught them just in time because I noticed all my security settings had been tampered with:

  • My hardware security keys were removed.

  • The "sign in with phone" prompt was disabled.

  • The authenticator app was turned off.

I quickly took action:

  • I set up a new hardware security key.

  • I updated the backup email.

  • I configured a new authenticator app.

Thankfully, I caught them before they could fully lock me out. I also verified that I wasn’t logged in anywhere else except the device I was using. (This makes sense: signing out my other sessions is how they would lock me out.)

Luckily, my most important accounts were detached from Google and had their own two-step verification. (And no, not SMS!)

Pro Tip: SMS is the worst method for verification because of SIM swapping. Attackers can get your phone number moved to a SIM they control without you even realizing it, and then receive your codes.

It’s highly recommended to use:

  • A hardware security key such as a YubiKey (the most secure option).

  • An authenticator app (preferably open-source, like Ente Auth, so you can inspect its inner workings; with closed-source apps you can't tell how they handle security or what they do with encryption).

Thankfully, my most critical accounts are protected by a physical security key, which makes them nearly impossible to access without it. (Google was also secured this way, but as mentioned, I made a mistake and didn’t think things through.)