Alexander Hanff writes:
Earlier this week Google announced they would be introducing 2-Factor authentication to their Gmail service. This means users will be given the option of providing Google with their Cell or Landline telephone numbers which Google will then use to send you a 1 time authentication code to log in to your gmail account.
All in all it doesn’t sound so bad and Google have been widely praised for deploying the technology – but everyone seems to be missing the elephant in the room – WHY THE HELL would anyone ever trust Google with their phone numbers? I know I don’t and as such the new system is of absolutely no use to me.
However, as if on cue, Google have now forced me into a corner with this “optional” new technology. I have a couple of old gmail accounts which are rarely used but I check them frequently to see if someone if trying to get in touch. Just yesterday I logged into one of these accounts just fine, today however, I cannot.
Google have decided the account has been flagged for “unusual activity” and now REQUIRE me to provide them with a phone number to send me an authentication code. Now I don’t believe for one minute that there has been any “unusual activity” but Google provide me with no other option to bypass this issue – my only option is to provide them with either my cell or landline, which to me is no option at all because I trust Google with my phone numbers about as far as I could throw all the money in Eric Schmidt’s bank accounts.
Read more on Privacy International.
It occurs to me that it also gives Google the opportunity to store your unique device identifier, which they may not otherwise have if you always use Gmail from the phone’s browser rather than via a native app. The device identifier can then be used to aggregate your behavior across multiple phone apps, even if you’re not logged in.
It just gets scarier and scarier, huh?