I think Google has done some cool stuff, and I think in a lot of ways they're, at least historically, one of the less evil big tech players.
I gotta say, though, that my experience with trying to get them to sort out any kind of issue with their services makes me reluctant to spend any money with them.
I bought a Pixel phone. As per the sales terms, the phone came with one year of Gemini AI Pro service. Except, the redemption process to get the year of service didn't work for me. I contacted Google, they never fixed it or offered any solution. I simply didn't get the year of service I was promised.
My friend, who bought a Pixel around the same time, also wasn't able to get the year of Gemini they were promised.
That same friend has a Google One subscription, billed through their phone carrier. Recently, Google (or the provider?) discontinued that specific Google One plan, as well as the option to bill via your carrier. This was all covered in an email sent to my friend. As consolation, the email explained, my friend was given the option to switch to a different plan, billed monthly by Google (instead of their phone carrier), with 6 months free. Except, the new plan, and the 6 months free, wasn't selectable as a plan type for their account. So my friend emails Google about it and, to my complete lack of surprise, Google was unwilling/unable to provide any resolution.
At this point, I legitimately don't understand why, unless I had no other option, I would pick Google for services. They clearly put no real effort into resolving any service issues for any customer that's not spending millions with them.
I agree with your sentiment, but I wanted to call out that they've always been just as evil as other big tech companies.
I think their motto of "don't be evil" was some pretty clever PR.
I started questioning it c. 2008 when they ghosted me on resolving an issue with my blogspot site that was a bug in the platform. All I could get was a condescending non-response from a "diamond" volunteer on a forum. They were apparently the gatekeepers to reaching actual support.
I definitely don't think they've ever been super nice, but I still they still have a few much more user-friendly approaches than others. E.g., one of the reasons I bought a Pixel is that Google is one of the only phone makers that manages to have respectable security practices and still respects users enough support them choosing to modify the software on their devices and run alternate operating systems.
Back in the day they bought Feedburner, and merged it with their internal equivalent. In that process, my subscriber list was affected. They apologized and even sent out some swag. That was nice, for a small inconvenience at the time.
It's been [0] days since the last "Cloud provider banned me and I lost everything" article.
Everyone who depends on the good graces of a cloud provider for something (not just Google, but Amazon, Microsoft, Apple, whatever) needs to at the very least, take a moment, and figure out what their plan is when they are suddenly banned and locked out permanently, without any way to contact the company.
Does life just go on, since you don't have anything important hosted there? (Best Case)
Do you lose some precious family photos and use it as a tough learning opportunity to stop doing what you're doing? (Next best)
Do you lose access to your E-mail and are suddenly not able to do 2FA, reset passwords, communicate with the company or the Internet in any way, and so on, and now have to panic?
Do you complain online, hoping that someone in the company sees your post and has the ability to restore your account, which you then continue to use because you learned nothing?
Having an online account suddenly suspended is a real, non-zero, but unlikely risk. You should at least have a disaster plan if you rely on these things for anything important. Or better yet, stop relying on them for important things like your identity or precious files!
> Everyone who depends on the good graces of a cloud provider for something (not just Google, but Amazon, Microsoft, Apple, whatever) needs to at the very least, take a moment, and figure out what their plan is when they are suddenly banned and locked out permanently, without any way to contact the company.
This is one of the most common sentiments I hear expressed on HN, next only to "if you're not building your software business around Claude Code, you're gonna left behind".
If a service offers "Login with Google/Apple/Facebook/etc" you should never do that if they offer a username/password. It just increases the single point of failure. Avoid places that only offer the "Login with Foo" if at all possible (looking at you Tailscale).
As an ex-googler, the only reason I was comfortable keeping even my personal email there was because I could reach out internally if there was a problem. I left Google, and left gmail behind too.
> Avoid places that only offer the "Login with Foo" if at all possible (looking at you Tailscale).
Tailscale is the only serious company that I can ever recall offering /only/ third party login. It's bit bizarre on the face of it. Anyone know the reason?
Once upon a time at Google: The year was 2013, and I'd been selected to be among the first 8,000 people to get Google Glass. I had to go to Google HQ in NYC from my home in Virginia to get it and be instructed 1:1 on how to use it. I was given a toll-free phone number to call for support by a Glass expert, available 24/7/365.
Not only did they answer immediately whenever I had even the smallest problem or question: I twice broke my Glass, and each time I'd call the support number to ask for a replacement.
Google's policy was that no matter how you broke it or how many times it happened, they'd replace it free. They'd immediately send a box to return the broken device (prepaid) and a couple days later a brand new Glass would arrive.
You were a volunteer employee. The very least they could do is make sure you can keep doing the job.
I think organizations have a very hard time staying motivated once the product’s concern has moved away from any one team. While you test the product for them there’s likely people whose jobs depended on you and 7999 others doing so. But eventually a product will be considered shipped and all the various talent now pays attention to what’s next.
Billions in profit may unblock scaling customer support beyond scrappy startup minimums
However (and I loathe this logic) if you can get the marketplace to accept that minimal level, and the brand harm is inconsequential, why not pocket the savings
Dealing with Google is a nightmare. I'm one of the volunteer sysadmins for https://forum.buildhub.org.uk/, a DIY and self-build forum. For 10 years it ranked very well on Google, particularly in the UK, and then on 28 December 2025 it disappeared from Google's index.
Nothing has helped, the Google forums are tumbleweed and there's no one to reach out to for what could be an algorithm change or something gone wrong. I'm a paying Workspace customer and it's made me think I need a backup plan in case I'm ever suspended. Reports like this don't encourage.
> Nothing has helped, the Google forums are tumbleweed and there's no one to reach out to for what could be an algorithm change or something gone wrong.
The own-brand forum (Google, Microsoft, Apple) seem to be infested by netizens from lower-income countries trying to build online customer support portfolios by providing utterly useless answers.
That, or trying to game the system and getting shortlisted for a free trip to Google HQ for one of their contributor summits.
I recently had to go through the recovery flow for an admin account and it was wild. Despite Google manually unlocking the account and giving me a reset link, every login was forced to authenticate via SMS using the (removed) phone number. Luckily I was able to get a hold of it and get the code, but even after adding a TOTP and security key 2FA, further logins still required SMS.
It feels like the security team made this change to reduce account hijacking but it's at complete odds with the recovery flow and modern security practices. Better hope your phone number doesn't get hijacked or recycled because it's the key to your account now, security keys be damned.
Google enabled 2FA on my Gmail account without any prior notice. I have the username, password, recovery email, and all emails from the account are forwarded to my Fastmail, but I can't ever log into the account again because it is trying to do 2FA by SMS to a number I don't have.
I've tried everything to find someone inside Google to fix this, but so far no luck. At least with Meta you can find someone on a forum like Swapd who will take a small bribe to fix these issues.
This should be illegal. Megacorps eat more and more of our life and regular people are increasingly at mercy of these hostile entities. They should be pushed more against. If we can't have proper anti monopoly splits like AT&T, then at least ways to prevent them exerting too much power are long due. If you provide an essential service, responsibility should match that.
The EU’s heart is in the right place, which can only rarely be said of the US.
But the EU’s approach is often backwards. When product managers have to ask the government if it’s ok to ship a feature, something is wrong. When the government responds that it can’t say in advance, you’ll just have to ship and see if you get fined, something is really seriously broken.
If a company is about to produce millions of physical products, I think it is quite ok if they first check with the government to see if that is a good idea.
Funny because I have dyslexia and read excreting power as exerting power, and then had to read your "Exerting" underneath 4 times to understand the mistake. I guess it's the phonics, dyslexia is so weird tho, ha.
Hey do you have certain fonts that are better? I was working with a dyslexic student last week trying to find fonts that work better for his online classes. All the research pointed towards a handful that didn't seem to really improve processing for the student.
They tried all sorts with me in school, I seem to recall it's related to trying to add shadow to hint to the brain the direction the letter should be etc. I found it more annoying than helpful. Probably a very unpopular opinion but I think teaching someone with dyslexia to read and write neurotypically is probably unhelpful and finding audio visual learning methods is a considerably better way to have them retain knowledge. I think you can get to a basic level of competency but speed and recall, at least with me, never really came. One thing I found once that was cool was an app that present each word at a time only in the center of the screen, but it felt extremely mechanical I was so focused on the words once I was done there was basically no meaning left if that makes sense. I'm autistic with dyscalculia also, FWIW. I mostly think in sounds, pictures and movies, for whatever reason my brain doesn't have a great framework for symbols that don't have those things inherently attached to them. ¯\_(ツ)_/¯
If you’re operating Google workspace without a well oiled Enterprise behind the scenes, a single admin account is a single point of failure.
I had this happen a couple years ago when I was migrating to a different domain. The only difference was all of the authentication that I supplied Google said was an adequate and I got into some sort of a login loop where Authenticator, SMS, DNS record nor pass key would provide enough authentication for me to get in.
I got the automated got bought to finally send me the mythical form, after completing that I was told that they were unable to authenticate me further. I ended up emailing their support multiple times and threatening lawsuits multiple times when I got a magic call from a human at Google. They also sent me the link that put me into a login loop however after chatting with them for nearly an hour I got a different magic login link form which appeared to work.
I can't believe I'm praising Microsoft (Office365) here but it actually has a track record of actually having support, support people that you can talk on the phone with and knows how to navigate the dark corners of their convoluted systems and actually solved my problems (even if it was caused by Microsoft's horrific UI in the first place).
An article here a couple of days ago said that the automation behind the scenes in Azure is piss poor and the whole thing is held together by thousands of contractors manually fixing the endless failures.
On the plus side, it does mean they have thousands of people who know how to fix problems.
At Google there is one guy who knows how to fix the problem.. he's a monk who is also in 700 different teams and the only one who remembers how the systems were built. You have to climb all the way up to his mountain abode, hope that he is home and pray that he will hear your cries and help you
Any painful automation story feels very different from their customer service. MS has always been superior to their competition with customer service - especially paid service contracts - because it's far closer to their identity: very long-term, tightly integrated enterprise. Google has never had this; even the idea of paying for support came very late (and reluctantly) to them.
> MS has always been superior to their competition with customer service - especially paid service contracts - because it's far closer to their identity: very long-term, tightly integrated enterprise. Google has never had this; even the idea of paying for support came very late (and reluctantly) to them.
If we're comparing cloud services, surely GCP has customer service? I can't imagine any big enterprise using it otherwise.
Google needs to understand that watching this nightmare scenario play out over and over again is actively destroying trust in their platform. When your email, authentication, documents, payroll, and CRM all flow through a single provider and that provider can lock you out overnight with no meaningful recourse, you’ve invited customers to place their entire digital presence into a house of cards. The fact that this same story surfaces almost daily should be a wake up call to existing and prospective customers. Every unresolved lockout is one more reason to start planning an exit. Google has led the effort to lower the bar so much that it’s commonplace and somehow acceptable to ghost paying customers who youve locked out or even worse bounce them through a gauntlet of AI chat bots with the illusion that you are even aware of the damage you’ve caused.
Yeah, loss of a google account in certain cases can destroy entire small businesses and there's no recourse. In the old world we had extremely deep bodies of case law around utilities and commercial leases and road access, insurance and all kinds of things to make business operation legally predictable, but for the digital equivalent it's still the wild west and everyone just throws up their hands like its unavoidable.
On the surface it seems like it would be a good idea for all these users who were suspended to do a mass arbitration like what happened to Uber to get them to start taking it seriously, this comes up like monthly people getting account pulled up from under them and impacting business. Maybe there a legal differences or something
https://www.mbelr.org/mass-arbitration-how-ubers-own-alterna...
Imagine being homeless, and your Gmail account is your online identity for what little financial presence you have, and how in the world can you recover from its loss?
I don’t disagree, but the reality is SaaS is the model that most companies depend on and these risks exist everywhere.
If your business is dependent on services you need to take a modicum of effort to protect yourself - the posts author was literally walking around with his entire business at risk from him dropping his phone or having it pickpocketed.
At the end of the day, the protagonist in this story is mad because Google won’t allow him to social engineer access to his company. He deleted his sole token (Google makes it trivial to add many) in the most fraud signally way possible.
> He deleted his sole token (Google makes it trivial to add many) in the most fraud signally way possible.
Are we reading the same blog post? He had his password, 2FA authenticator set up, and backup codes -- everything Google asks you to have to be on the "golden" auth path.
He only deleted his SMS authentication path (one thing I don't understand is how he was able to do this in the first place without being logged in), which is in any case the least secure method of 2FA. Also, It should be fairly obvious that SMS is not expected to work seamlessly while traveling, how is this not a scenario that's hit by millions of Google users worldwide?
Google's customer support is interesting. Its definitely a case where you'll sometimes hit pockets of the company where clearly there was someone who made it their life's work to fix this bad reputation they have; while other pockets make it clear that they deserve the reputation.
I had a Nest subscription that became a total mess. If you've ever tried to use Nest before, or are coming from a legacy Nest account, and/or also have a Workspace account that somehow got wrapped up in the mess, you'll understand how much of a clusterf Nest is for the Google ecosystem. I had signed up for this subscription on a personal Google account, cancelled it, but was still being charged for it, and the credit card being used made me think it was getting charged on my Google Workspace account (which isn't officially supported, and would never let you sign up for it, but DID share an email address with my legacy Nest account I had migrated into the non-Workspace personal account I was using for Nest).
They had to escalate the problem a couple times, which took ~24 hours. Once that happened, their rep had it resolved in minutes, and refunded me two months on the subscription.
The biggest piece of advice I can give when dealing with Google is: Never be weird. You cannot ever put yourself in a situation where your account isn't like the other billion accounts they have. If you do, something will go wrong and its rolling the dice on whether you'll ever reach someone who can help you. If you've used Google enough, you know: Their multifactor settings are weird. You cannot set it up exactly how you want; it'll always trigger some auth method you didn't configure but they have "LATENT KNOWLEDGE" you should be able to authenticate with, like a phone number you configured six years ago, or gmail installed on a tablet that's 400 miles away, and you can't turn it off, even on Workspace.
My favorite bit of Googleism: Go to any site you sign in with Google SSO and watch the URLs in the eight redirects it has to do before it signs you in. You'll see a "youtube.com" in there. Even on a Workspace account. Youtube.com is a load-bearing website in their core auth flows.
Mess of a company. I hope they invest some effort in improving things, but I was saying the same thing in 2018. They probably won't.
> like a phone number you configured six years ago
I've put in a heroic effort to make sure they never get a phone number, specifically so they can't start handing my account over to the first clown who simswaps me, and have been successful. Unfortunately, this makes my account weird, which as you noted is fatal.
> I removed my phone number from the account. I am travelling to the UK for a short period and did not want to have roaming on my Australian phone.
So for my own notes, removing a phone number from my Google account before travel will risk account suspension. Hope OP resolves it, but also need to make sure this never happens to me.
This is why I do full Google Takeout every 2 months and have my own domain with Workspace. I don't rely on cloud file storage. The calendar is important, but I could switch easily.
IMO, the worst part of this is Workspace support is immune to ANY explanation. I mean, credit card companies are well used to "is this your transaction?" emails.
Using a Google Workspace Super Admin account for your non-admin day to day needs is similar to using your AWS root account instead of IAM users.
In my experience Google Workspave support is very good. I’ve always been able to get a knowledgeable person on a call to debug issues without much difficulty.
But yea, if you’re locked out of your admin account, that’s another story. Very sjmilar to if you get locked out of your AWS root account. It’s a nightmare to recover.
> Using a Google Workspace Super Admin account for your non-admin day to day needs is similar to using your AWS root account instead of IAM users.
It sounds like the mistake here is not appointing another Super Admin, and making sure they don't use their account for day to day needs. Or just having two Super Admin accounts controlled by the same person, heh.
I can't see how not using one's Super Admin account wouldn't prevent tripping some kind of fraud lockout that's impossible to recover from.
Randomly, I just remembered that I lost a GCP account because I tried logging in from Laos, and they asked me for the front and back photos of a payment card that I used ages ago that I didn't bother making scans of before it was lost. Urgh.
Make a primary super admin (admin@ whatever) and only log into it for admin purposes. Make an actual user (you@) for day to day line of business work. This has the benefit of making some categories of spear phishing and xsrf attacks harder if the account that gets compromised doesn't have root.
Instead of getting more dependant on Big Tech's AI products, I think the perfect use for AI is develop tools and workflows that decouple one from Big Tech.
I guess one way to protect yourself from this would be to use another IAM solution for SSO login to Google Workspace, but is there any reasonable choice for small businesses other than Entra ID or Okta?
Been there done that, none of it works, till this date my YouTube account is suspended and they can't do a thing about it.
Google Drive & Workspace are their most poorly designed products with the shittiest support ecosystem. Google would rather bleed money than work on it.
That's one of reason I started DoShare Personal Cloud[₁]
At least he owns his own domain and can eventually switch over. A few years ago we decided to switch our personal emails from gmail accounts to domains we own (though the email is still handled by google.) This way if we ever lose our google account, we can switch the MX and be able to get all our recovery emails, bank second factors, password recoveries, etc.
They could switch their domain to another email provider and start getting emails, which is great. The problem though, is they also used their Google Account to log in to all the 3rd party services (payroll). I have no idea how you would get back into those services. Some _might_ let you switch off the Google Sign-in SSO, but I imagine that is a headache.
This occurs to dozens, hundreds, maybe even thousands of people on a daily basis. It happened to me many years ago. This is your opportunity to escape, instead you cry out here for attention. How pathetic
"Despite repeatedly explaining this, they ignored my assertions and continue to hold my email hostage."
Well, you have become the product here. That also happens by other "free" email providers too. I had this happen to me on inbox.lt; the guy demanded I use a smartphone to "prove" my identity. At that point I realised they want to connect this data to the account and sell it to others who are interested in that.
Because his honest and accurate diagnosis for why mega tech corps treat people inhumanely is the first step towards stopping it. In my opinion of course.
Microsoft 365 is a reasonable alternative. It's easy to buy and even tiny Customers can get a degree of real human (read: tier 1 is unhelpful contractors that you have to fight thru) support.
It's still repugnant to me, as compared to self-hosting, but I would never self-host for a greenfield SMB Customer today. The economics don't make sense and the talent pool of knowledgeable and reasonable sysadmins is dwindling by the day. (I wouldn't want to make a Customer so beholden to me if they were willing to pay for it.)
I miss being able to spin-up an on-prem email server on a box with reasonable hardware redundancy, some external USB disks to rotate for off-site backup, a UPS, a couple consumer-grade "business class" Internet connections, and a contracted "backup MX" to catch email in the event of an outage. It was a good enough for a lot of small SMBs who had a physical office, and was cheap.
The economics make perfect sense once "30 days of a suspended business email with no timely recourse" shows up as a line item. That USB disk and a UPS is looking pretty cheap right about now.
OP triggered every possible red flags for suspicious account takeover in Google systems: deleting his recovery phone number, moving to another country and cellular provider. And then he gets surprised that the account is in 30 day cool down period??? I don't understand people sometimes.
They didn't willfully delete their recovery phone number. They tried to delete a shitty, known-broken 2FA mechanism after they had set up passkeys. Poor UX conflated the two things, so their recovery phone number ended up being deleted. This is 100% on Google.
Why the fuck would Google care in which country I live? It's a personal decision, and no corporation should have any say in this. They certainly don't have to flag an account for that, especially not if the account has 2FA enabled. This is on Google, too.
The problem is the rapid succession of changes to recovery phone number, country, cellular provider. There is no way to differentiate, at scale, between an account takeover currently in progress that needs to be stopped immediately to minimize damage, and a legit user deciding to change all his personal info at once.
30 day cool down period is a reasonable response, at scale.
Of course you can keep your provider. It's called roaming, per OP story: "I am travelling to the UK and did not want to have *roaming* on my Australian phone."
For cheaper rates than roaming, typically you install a secondary eSIM for the country you're traveling. 99% modern phones support dual SIM for this reason
I gotta say, though, that my experience with trying to get them to sort out any kind of issue with their services makes me reluctant to spend any money with them.
I bought a Pixel phone. As per the sales terms, the phone came with one year of Gemini AI Pro service. Except, the redemption process to get the year of service didn't work for me. I contacted Google, they never fixed it or offered any solution. I simply didn't get the year of service I was promised.
My friend, who bought a Pixel around the same time, also wasn't able to get the year of Gemini they were promised.
That same friend has a Google One subscription, billed through their phone carrier. Recently, Google (or the provider?) discontinued that specific Google One plan, as well as the option to bill via your carrier. This was all covered in an email sent to my friend. As consolation, the email explained, my friend was given the option to switch to a different plan, billed monthly by Google (instead of their phone carrier), with 6 months free. Except, the new plan, and the 6 months free, wasn't selectable as a plan type for their account. So my friend emails Google about it and, to my complete lack of surprise, Google was unwilling/unable to provide any resolution.
At this point, I legitimately don't understand why, unless I had no other option, I would pick Google for services. They clearly put no real effort into resolving any service issues for any customer that's not spending millions with them.
I think their motto of "don't be evil" was some pretty clever PR.
I started questioning it c. 2008 when they ghosted me on resolving an issue with my blogspot site that was a bug in the platform. All I could get was a condescending non-response from a "diamond" volunteer on a forum. They were apparently the gatekeepers to reaching actual support.
Back in the day they bought Feedburner, and merged it with their internal equivalent. In that process, my subscriber list was affected. They apologized and even sent out some swag. That was nice, for a small inconvenience at the time.
Today? humans don't even seem to be involved.
Everyone who depends on the good graces of a cloud provider for something (not just Google, but Amazon, Microsoft, Apple, whatever) needs to at the very least, take a moment, and figure out what their plan is when they are suddenly banned and locked out permanently, without any way to contact the company.
Does life just go on, since you don't have anything important hosted there? (Best Case)
Do you lose some precious family photos and use it as a tough learning opportunity to stop doing what you're doing? (Next best)
Do you lose access to your E-mail and are suddenly not able to do 2FA, reset passwords, communicate with the company or the Internet in any way, and so on, and now have to panic?
Do you complain online, hoping that someone in the company sees your post and has the ability to restore your account, which you then continue to use because you learned nothing?
Having an online account suddenly suspended is a real, non-zero, but unlikely risk. You should at least have a disaster plan if you rely on these things for anything important. Or better yet, stop relying on them for important things like your identity or precious files!
This is one of the most common sentiments I hear expressed on HN, next only to "if you're not building your software business around Claude Code, you're gonna left behind".
As an ex-googler, the only reason I was comfortable keeping even my personal email there was because I could reach out internally if there was a problem. I left Google, and left gmail behind too.
Tailscale is the only serious company that I can ever recall offering /only/ third party login. It's bit bizarre on the face of it. Anyone know the reason?
Not only did they answer immediately whenever I had even the smallest problem or question: I twice broke my Glass, and each time I'd call the support number to ask for a replacement.
Google's policy was that no matter how you broke it or how many times it happened, they'd replace it free. They'd immediately send a box to return the broken device (prepaid) and a couple days later a brand new Glass would arrive.
Like I said, once upon a time....
I think organizations have a very hard time staying motivated once the product’s concern has moved away from any one team. While you test the product for them there’s likely people whose jobs depended on you and 7999 others doing so. But eventually a product will be considered shipped and all the various talent now pays attention to what’s next.
It's not the same league, not even the same sport.
PS: Not defending Google here, their support for some products is abysmal
However (and I loathe this logic) if you can get the marketplace to accept that minimal level, and the brand harm is inconsequential, why not pocket the savings
Yes, because they were using you to figure out where it needed improvements for every day wear and tear. It wasn't charitable, it was R&D expense.
Nothing has helped, the Google forums are tumbleweed and there's no one to reach out to for what could be an algorithm change or something gone wrong. I'm a paying Workspace customer and it's made me think I need a backup plan in case I'm ever suspended. Reports like this don't encourage.
The own-brand forum (Google, Microsoft, Apple) seem to be infested by netizens from lower-income countries trying to build online customer support portfolios by providing utterly useless answers.
That, or trying to game the system and getting shortlisted for a free trip to Google HQ for one of their contributor summits.
It feels like the security team made this change to reduce account hijacking but it's at complete odds with the recovery flow and modern security practices. Better hope your phone number doesn't get hijacked or recycled because it's the key to your account now, security keys be damned.
I've tried everything to find someone inside Google to fix this, but so far no luck. At least with Meta you can find someone on a forum like Swapd who will take a small bribe to fix these issues.
But the EU’s approach is often backwards. When product managers have to ask the government if it’s ok to ship a feature, something is wrong. When the government responds that it can’t say in advance, you’ll just have to ship and see if you get fined, something is really seriously broken.
“Exerting” would be more correct I guess but less fun.
I had this happen a couple years ago when I was migrating to a different domain. The only difference was all of the authentication that I supplied Google said was an adequate and I got into some sort of a login loop where Authenticator, SMS, DNS record nor pass key would provide enough authentication for me to get in.
I got the automated got bought to finally send me the mythical form, after completing that I was told that they were unable to authenticate me further. I ended up emailing their support multiple times and threatening lawsuits multiple times when I got a magic call from a human at Google. They also sent me the link that put me into a login loop however after chatting with them for nearly an hour I got a different magic login link form which appeared to work.
On the plus side, it does mean they have thousands of people who know how to fix problems.
edit: https://news.ycombinator.com/item?id=47616242
If we're comparing cloud services, surely GCP has customer service? I can't imagine any big enterprise using it otherwise.
If your business is dependent on services you need to take a modicum of effort to protect yourself - the posts author was literally walking around with his entire business at risk from him dropping his phone or having it pickpocketed.
At the end of the day, the protagonist in this story is mad because Google won’t allow him to social engineer access to his company. He deleted his sole token (Google makes it trivial to add many) in the most fraud signally way possible.
Are we reading the same blog post? He had his password, 2FA authenticator set up, and backup codes -- everything Google asks you to have to be on the "golden" auth path.
He only deleted his SMS authentication path (one thing I don't understand is how he was able to do this in the first place without being logged in), which is in any case the least secure method of 2FA. Also, It should be fairly obvious that SMS is not expected to work seamlessly while traveling, how is this not a scenario that's hit by millions of Google users worldwide?
I had a Nest subscription that became a total mess. If you've ever tried to use Nest before, or are coming from a legacy Nest account, and/or also have a Workspace account that somehow got wrapped up in the mess, you'll understand how much of a clusterf Nest is for the Google ecosystem. I had signed up for this subscription on a personal Google account, cancelled it, but was still being charged for it, and the credit card being used made me think it was getting charged on my Google Workspace account (which isn't officially supported, and would never let you sign up for it, but DID share an email address with my legacy Nest account I had migrated into the non-Workspace personal account I was using for Nest).
They had to escalate the problem a couple times, which took ~24 hours. Once that happened, their rep had it resolved in minutes, and refunded me two months on the subscription.
The biggest piece of advice I can give when dealing with Google is: Never be weird. You cannot ever put yourself in a situation where your account isn't like the other billion accounts they have. If you do, something will go wrong and its rolling the dice on whether you'll ever reach someone who can help you. If you've used Google enough, you know: Their multifactor settings are weird. You cannot set it up exactly how you want; it'll always trigger some auth method you didn't configure but they have "LATENT KNOWLEDGE" you should be able to authenticate with, like a phone number you configured six years ago, or gmail installed on a tablet that's 400 miles away, and you can't turn it off, even on Workspace.
My favorite bit of Googleism: Go to any site you sign in with Google SSO and watch the URLs in the eight redirects it has to do before it signs you in. You'll see a "youtube.com" in there. Even on a Workspace account. Youtube.com is a load-bearing website in their core auth flows.
Mess of a company. I hope they invest some effort in improving things, but I was saying the same thing in 2018. They probably won't.
I've put in a heroic effort to make sure they never get a phone number, specifically so they can't start handing my account over to the first clown who simswaps me, and have been successful. Unfortunately, this makes my account weird, which as you noted is fatal.
So for my own notes, removing a phone number from my Google account before travel will risk account suspension. Hope OP resolves it, but also need to make sure this never happens to me.
IMO, the worst part of this is Workspace support is immune to ANY explanation. I mean, credit card companies are well used to "is this your transaction?" emails.
In my experience Google Workspave support is very good. I’ve always been able to get a knowledgeable person on a call to debug issues without much difficulty.
But yea, if you’re locked out of your admin account, that’s another story. Very sjmilar to if you get locked out of your AWS root account. It’s a nightmare to recover.
It sounds like the mistake here is not appointing another Super Admin, and making sure they don't use their account for day to day needs. Or just having two Super Admin accounts controlled by the same person, heh.
I can't see how not using one's Super Admin account wouldn't prevent tripping some kind of fraud lockout that's impossible to recover from.
Randomly, I just remembered that I lost a GCP account because I tried logging in from Laos, and they asked me for the front and back photos of a payment card that I used ages ago that I didn't bother making scans of before it was lost. Urgh.
edit: looks like there are affordable managed hosting providers for keycloak.
Google Drive & Workspace are their most poorly designed products with the shittiest support ecosystem. Google would rather bleed money than work on it.
That's one of reason I started DoShare Personal Cloud[₁]
[1] https://getcloud.doshare.me
Good luck to you
I thought with Workspace you'd actually be spared from this kind of BS
I guess not?
Well, you have become the product here. That also happens by other "free" email providers too. I had this happen to me on inbox.lt; the guy demanded I use a smartphone to "prove" my identity. At that point I realised they want to connect this data to the account and sell it to others who are interested in that.
2. the response is glib and lacks any empathy
3. there's no suggestions of possible action or resolution path
4. it is all opinion and low value / low effort
So even if it's an "honest and accurate diagnosis" that you agree with, it's not helpful, valuable or even comforting. We can do better.
It's still repugnant to me, as compared to self-hosting, but I would never self-host for a greenfield SMB Customer today. The economics don't make sense and the talent pool of knowledgeable and reasonable sysadmins is dwindling by the day. (I wouldn't want to make a Customer so beholden to me if they were willing to pay for it.)
I miss being able to spin-up an on-prem email server on a box with reasonable hardware redundancy, some external USB disks to rotate for off-site backup, a UPS, a couple consumer-grade "business class" Internet connections, and a contracted "backup MX" to catch email in the event of an outage. It was a good enough for a lot of small SMBs who had a physical office, and was cheap.
Why the fuck would Google care in which country I live? It's a personal decision, and no corporation should have any say in this. They certainly don't have to flag an account for that, especially not if the account has 2FA enabled. This is on Google, too.
Your comment is victim blaming.
30 day cool down period is a reasonable response, at scale.
Aren't cellular providers inherently tied to the country they're in?
How do you move to another country without changing cellular providers at the same time?
For cheaper rates than roaming, typically you install a secondary eSIM for the country you're traveling. 99% modern phones support dual SIM for this reason