
Tell HN: Careful When Trying Google's Advanced Protection Program - michaelmior
I was looking at the Advanced Protection Program and apparently activated it but I didn&#x27;t have the required security keys, so it wasn&#x27;t fully active. However, this deactivated my existing 2FA on the account which seems like it really shouldn&#x27;t happen until my APP enrollment was completed.
======
bitpush
Sounds like you followed steps wrong? What do you mean by 'didnt have the
required security keys'?

I'm sorry but this is like saying I wiped my computer but didnt have backups
so my data is gone.

~~~
jamieweb
That's how it works - you can enable advanced protection without actually
having the keys set up yet. It is then automatically disabled (along with 2FA)
14 days later if you don't register the keys within the timeframe.

I agree that this sounds a bit backwards and easy to mess up, but I guess in
an emergency situation it would be useful to protect your account while the
U2F keys are still in the mail.

See Troy Hunt's recent article about this: [https://www.troyhunt.com/beyond-
passwords-2fa-u2f-and-google...](https://www.troyhunt.com/beyond-
passwords-2fa-u2f-and-google-advanced-protection/)

The key bit from the article related to OP's post is:

> Clicking the "enrol" button, it's now on (and I also get an email confirming
> this), but the keys themselves have yet to be enrolled

~~~
michaelmior
My existing 2FA was disabled _immediately_ not 14 days later.

