Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
Google deleting all recently inactive accounts without phone number
42 points by superkuh 12 hours ago | hide | past | favorite | 34 comments
Google is now deleting all accounts that do not, and have never had, phone numbers associated with them if they haven't logged in within a year or so.

"Urgent: Sign in to your Google Account if you want to keep it"

But then it doesn't matter if you log in with the correct username and password and receive the PIN via your email. This is isn't enough. Unless a phone number is somehow added to the account one gets,

"You can’t recover your account at this time because Google doesn’t have enough info to be sure this account is yours."

This is despite having all information ever associated with the account. Unless that account has a phone number it will be deleted. This is a very shady dark pattern by Alphabet corporation.

 help



> This is a very shady dark pattern by Alphabet corporation.

Advertising company (Doubleclick [1]) wants phone numbers to better target ads. No surprise there.

[1] The company currently calling itself Google is not the same Google as yesteryear. In 2008 Google purchased Doubleclick, and what happened is that the advertising rot from Doubleclick ate Google from the inside out. What we have now calling itself Google is actually all the evil that was Doubleclick, only calling itself Google. That's why the Google motto no longer includes "Don't be evil".


Don’t they just want the phone number to make having multiple accounts harder? Or is that what you mean by better targeting?

I have currently got 5 Google accounts: 4 personal, and one from school.

Google encourages multiple accounts and it’s not like social media where they stamp out sockpuppets.

Also, a real phone number that isn’t VoIP is excellent authentication, because real mobile phone numbers are necessarily linked to SIMs for paying customers, so it’s really pragmatic to rely on them.


You are talking about something that happened almost 20 years ago. The "company currently calling itself Google" is the Google of the past two decades, grandpa.

Over those two decades they’ve been slowly turning up the heat to boil us like frogs.

This sounds exactly like the way McDonnell Douglas ate Boeing from the inside out.

Steam gave me similar problems. In the process of trying to get in for the first time in a while to delete my account, I completed a successful 2FA but still couldn't log in because I had to prove I owned the account by providing extra information.

We've fallen so far from the days when the retailer let you just have the game you bought and then they were out of the picture forever.


I've often read that 2FA should be through an authenticator app or a physical key, not via texting a code to a phone number. Malicious sim swapping is a thing, so purposely deleting any phone number from an account should be good practice, right?

So will they also delete inactive accounts that have no phone number, but one or more phone-less 2FA methods associated?


I struck the same as described in OP a couple of years ago. Yes, regardless of other methods of contract for 2FA, I recall even when I thought I had it licked, the process reverted back to asking for a phone number to contract. I tried with a different number of browsers and eventually the latest up to date machine with the same failure.

Google started using their mobile app for 2FA on my account without me ever opting in. Now I’m afraid if I delete the Gmail app from my phone I’ll lose access to my account.

They default to authing you via a sms code usually still, even when you have an authenticator paired

This is a transparent ploy to collect personal information to feed the beast. Google wants to invade user privacy by requiring a phone number and dares to say it's for security reasons! What doublespeak is this?

People need to deGoogle themselves. Also they need to deMeta themselves. Go read what Obi-Wan Kenobi said about the Mos Eisley Space Port.

Google is no different than Meta. Both collect as much personal information they can about Internet users even when they don't have an account with them. The business model is to monetize this data by selling it to data brokers directly, to sell targeted ads using the data and to quietly make it available to authoritarian governments so that privacy laws are not enacted to make surveillance capitalism illegal.

Go with Kagi and Apple.


Google is also extremely interested in my home address…

There's no reason to use Google over ProtonMail or Tuta Mail if you care about user experience. Google's customer support is non-existent, while Proton and Tuta will get you a real human for any problems and are accountable.

It's phonishness. Your life isn't real unless you have a smartphone -- at least that's the way "the empire" sees it.

put my same phone number on 10+ google accounts, if you're skipping this you look like a bot, how should google be able to tell you apart from all of the bots.

Yes, I’ve lost access to two old accounts including my old blogger one. When I try to log in it sends email saying, “someone tried to log in with your password!” :-/

Not providing your phone number is a critical step in protecting yourself against sim swap attacks and other vulnerabilities.

if you haven't cared about using an account for a year, why do you want to use it all of a sudden now?

I have user account on my personal Google Workspace domain that is used purely for superuser access (my day-to-day account doesn't have special access).

I recently had to log into it for the first time in a few years to make a config change to the domain, and it wouldn't let me in because the 2FA code wasn't working, and a recovery code wasn't sufficient to enable privileged access. I had to reach out to Google Workspace support to regain admin access to my domain.

Thankfully, they were able to do so (although it took a few days and I had prove ownership of it).

So there's an example of a situation where an account that's not logged into for a long time doesn't mean that it's forgotten or unused.


The next aspiring trillionaire can take note of that argument when scamming people out of their retirement funds.

Why would one not provide one’s phone number to a financial institution where you hold your retirement or other investment funds?

Don't you think that "security" non-sequitur boogeyman is a bit too forced? You took my example, cherry-picked some words, and turned it into something else entirely. And too bad it doesn't even hold up because surrendering your phone number won't prevent securities fraud, which is what I was specifically referring to in my example.

People in jail/prison, for example, would not have the opportunity to access an account even if they wanted to keep it

If you haven't used your $whatever in a year, why do you want to use it now? Replace $whatever with whatever you want and you'll see how absurd this question is.

I really don’t think it absurd. What’s an example where a Google account is important to you but you haven’t used it in a year?

I barely use my gmail that often. But I still need an email for password recovery.

I would personally not want my account recovery tied to an account I rarely use. That seems full of unnecessary risk. What if you forget that Gmail password? What if it’s compromised and you don’t even notice for almost a year? What if Google decides to change their retention for unused accounts to just 6 months?

I actually had my gmail's backup email at yahoo recycled and I had to remake that account. But genrally I consider these email accounts as my master key to all my other accounts. It has a master password that I am certain I could not lose except simultaneous major head trama and destruction of all my belongings.

If that email was lost, yeah I could be screwed out of other accounts. But no security system is perfect.


“If you haven't used your dirty tissue in a year, why do you want to use it now?”

“If you haven't used your ham sandwich in a year, why do you want to use it now?”

“If you haven't used your receipt in a year, why do you want to use it now?”

Ah, yes. I see what you mean. Truly absurd.


"If you haven't used your emergency go-bag in over a year, why do you want to use it now"?

"If you haven't used your passport in over a year, why do you want to use it now"?

"If you haven't used your grandmother's family photo album in over a year, why do you want to use it now"?

"If you haven't used your safety deposit box in over a year, why do you want to use it now"?


You missed the point.

> If you haven't used your $whatever in a year, why do you want to use it now? Replace $whatever with whatever you want and you'll see how absurd this question is.

This is a silly statement specifically because the choice of “$whatever” determines whether it’s “absurd”. It’s definitely not absurd to assume that a year old sandwich is trash, while it is absurd to assert that an unaccessed safe deposit box is trash.

But of course you also pay the bank for your safe deposit box. If you stop paying then they absolutely will discard the contents (or send them off to the state, depending on laws). No one stores abandoned junk for free. If you want you pay Google for your account I bet they’ll keep it even if you never log in.


Haha, smart. But those quotes still don't justify me taking away your one year old ham sandwich.

If you leave your ham sandwich in the office fridge for a single week, anyone is justified in throwing it away.

The trouble is you think that you are in possession of a ham sandwich that Google is taking away when in reality you’ve left your ham sandwich in Google’s fridge and they are sick of storing the obviously-abandoned sandwich for you.

See also: https://xkcd.com/1150/




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: