
It isn't just the backup codes.

More than once, I was in a different country and tried logging into a workspace gmail account. Google flags it as a strange activity (fair enough) and needs to authenticate me. It asks me to enter the complete address for my recovery email (I do this), it sends me a code to use for sign in (I do this) but it still refuses to sign me in and says it can't authenticate me. It says I need to sign in from a location that I've signed in from before.

So, for the period that I was out of the country, I couldn't access my email. This happened each time I'm in a new country. My only workaround was to sign in to my email (on my laptop) before traveling and not sign out (for security reasons, I don't like to do this).

Something similar happened when I used a new laptop.

I just don't understand this. What then is the point of having a recovery email and phone number if you won't use them?



There's a Gmail account I've lost forever because Google wouldn't let me in even after doing 5 factor authentication (password, phone number, code from SMS, backup email, code from email).


Heh, same for me. (albeit only three factors, but more weren't configured)

It was firstname.lastname@gmail.com that I lost, as I was mostly using my original account with a pseudonym for anything private (was a teen when Gmail started, so didn't think twice about using a cringe username back then).

I had configured the first/last name Mail to forward everything to the pseudonym email and didn't access it again for something like a year... Then I had to respond to someone and... Well, Google never let me access it again.

I eventually gave up on it entirely and switched to a custom novelty domain on fastmail, much much later. (A portmanteau of my last/first name


This doesn't happen for me with regular gmail. I wonder if your workspace had a very strict policy.


1) This also happens to non-workspace (regular) gmail accounts

2) I didn't change the policy on the workspace email when I signed up for it

The point is still - why ask me to authenticate via different methods and then reject them after I've correctly authenticated? If some policy is overriding these, then you shouldn't have asked me to authenticate via those methods in the first place.


I try to always log in to Gmail via a VPN that uses the same IP address from any location.


Let's hope you never get locked out of your VPN!



