2FA on my Google account

spackard · Jun 27, 2018

Don't know if you all have your Google account secured, but I do.
Late morning I'm sitting at my desk and I hear a 'ding' from my cellphone. There's a Google
app saying someone is requesting a password reset for my account. I press the notification,
and I get some "Is This You" prompt, and some general information (I think) of the origin
of the login.
No.
A few minutes later I get another notification: someone is requesting an account recovery,
is this you? No.
10 minutes later, same thing. No.
I'm paying attention by now. Host OS is Windows 10. Location is Simi Valley. That won't be me.

I tried Googling what to do in this situation, but all I come across is how to
initiate account recovery.

I did their "security checkup" on my account, and there are no devices I don't know of.

No loss, no compromise. Probably nobody at Google is interested. Local LEO won't be.
Anyway, it could have been a very bad day or week. Now it's just an oddity.

https://www.google.com/landing/2step/

bdcardinal · Jun 27, 2018

Nothing good ever comes from Simi Valley except Hawaii Racing and Pure Vision Design. I have been to Simi many times unfortunately.

gathermewool · Jun 27, 2018

2FA is the way to go.

With that said, I’ve requested access to my accounts from new assets and the location that pops up is sometimes WAY off! I used to deny and try several times before allowing, just to make sure someone wasn’t coincidentally trying to hack me. I soon realized this was ridiculous, and that a code needed to be sent to my phone anyway for the 2FA, so I disregard the location.

Besides, location services are OFF on all of my devices, unless absolutely needed (eg, for nav with iPhone). Combine that with the fact that a hacker wouldn’t likely use his or her REAL location and it becomes almost irrelevant, so far as I know.

simple_gifts · Jun 27, 2018

Becoming the standard @ large companies.
How serious were they about implementation? Enough to purchase 12000 replacement keyboards with integrated card reader.

If a company doesn't do it, not likely they will pass a generic IT security audit.

Earlier this year, I was issued a smart card... Card and pin required for access to PCs, VPN, etc.

CarbonSteel · Jun 27, 2018

I had a similar thing happen a few days ago. I clicked "No" and that was that. 2FA is/was long overdue...

Hall · Jun 27, 2018

Originally Posted By: 2015_PSD
2FA is/was long overdue...

Google has had it available for years.

Andrew1972 · Jun 27, 2018

Another theory. Someone has a close username/email to you and possibly entered it incorrectly? Happens...

uc50ic4more · Jun 28, 2018

Just keep clicking "No": The offending party won't get what they're after, and after a few attempts they'll realize you are not low-hanging fruit and will move on.

CarbonSteel · Jun 28, 2018

Originally Posted By: hallstevenson
Originally Posted By: 2015_PSD
2FA is/was long overdue...
Google has had it available for years.
I mean everywhere--not just Google. There are a handful of external companies that have 2FA (Google, MS, Dropbox, etc.), but by an large 2FA has only appeared for **most** companies in the last couple of years if at all.

2FA on my Google account

spackard

bdcardinal

gathermewool

Site Donor 2023

simple_gifts

CarbonSteel

Hall

Andrew1972

uc50ic4more

CarbonSteel

Similar threads