
If your email is hacked, everything is - rmnoon
https://medium.com/@veeralpatel/if-your-email-is-hacked-everything-is-47544aeee699
======
kozak
Few weeks ago I got a notification that someone from Moscow (which is like the
opposite of where I reside) wants to restore my Google account ("is it you?").
It had "yes" and "no" buttons. I was in the middle of doing something and
opened the notification pretty carelessly. Thankfully, I have managed to "no"
successfully. But it was horrifying to think that I could have lost everything
if I accidentally touched that "yes" button on my phone's screen.

~~~
verdverm
Get a physical key and remove other 2FA methods for your email. That would
stop them even if you did click yes.

~~~
kozak
What will happen if I lose the physical key (or someone pretends that they are
me who lost the physical key)?

~~~
verdverm
If you lose the key, keep backup codes somewhere safe.

Most likely if you lose the key, no one will know what it is for or who's it
is.

You can also register multiple keys (in GSuite, GitHub, etc.)

