Having spent nearly six years homeless and also had a college class from SFSU in Homelessness and Public Policy and having written about homelessness for years, I can assure you that for the vast majority of homeless people, losing their physical phone or being unable to pay for it is a much bigger problem than other people wanting to break into their accounts and steal their identity or some such.
for the rest of us having a hacker gain access to our accounts and stealing money or scamming others is a far greater risk. And for google a far more common occurrence. There is a reason there are so many safeguards in place and its because hackers are trying all day every day to break in and steal identities and money.
Homeless people don't need to use 2fa if they are so unconcerned with someone stealing their account or identity. For the rest of us 2fa and making it hard to steal accounts is 100% a must.
Were you so harsh on self-entrepreneurs that came here crying out loud because Google did shut down their developer account for some unrelated payement error on a linked account?
I hope so because otherwise you are just discriminating people based on their wealth. But praise lord dollar that if you ever fall from your status you won't find pedantic guys like you when seeking for help.
There's a recurrent thread of posters blaming everybody else for having issues with the big companies, because big companies cannot make mistakes otherwise they wouldn't be "big", right.
To be fair to the commenter, the company implementing the system is to blame. I can understand why Google (or other businesses) would prioritize customers concerned about security over the homeless. One is a more profitable customer.
Does that make it right? No. Does that mean people won’t get hurt? No. Plenty of ink on HN has been spilt about how companies act according to a profit motive, and often not in societies best interest. Recognizing this doesn’t make you complicit.
Kind of. The problem is that even when 2FA is disabled, Google's security panopticon will sometimes insist on additional verification anyway, even if you know your password, if it thinks something is suspicious.
If you don't have a verification method—or cannot access it—Google will literally just lock you out.
I have personally experienced this on accounts I don't access regularly.
For a careless user, or one who does not bother to learn about the risks, having one's account stolen is more of a danger. On the other hand, for a reasonably cautious user with a basic understanding of the risks involved, and whose life varies at all from predictable (affluent) norms, losing account access due to Google's protective measures is a bigger danger – and more of a hassle to guard against – because these protections are so easily triggered
I think the GP's point was that the "someone else having access" bit affects everyone, not just homeless people, if the company makes it easier to reset/regain access to accounts.
Bottom line, though, is that these companies should be required to find a way to maintain that high level of security, but also have a process so anyone who loses account access can get it back in a reasonable amount of time.
