In one of my more important articles — A One-step Way to Lose Your Account … Forever — I discuss the sad reality that accounts are frequently lost because people fail to set up recovery information or keep that recovery information current.
In most cases, it’s a simple oversight with disastrous results. One day, your account gets compromised somehow, and you have no way to prove you are the legitimate owner. Without that proof (in the form of recovery information used to verify your identity), your account is no longer your account. Period. Forever.
Sometimes, however, there’s a much more frustrating reason people fail to provide recovery information — in particular, their phone number.
Become a Patron of Ask Leo! and go ad-free!
Why a phone number?
The reason email service providers want your phone number is very simple: when (not if) you have trouble logging into your account, that phone number can be used to verify that you are who you say you are.
Your phone number is one small part of your identity. As long as you maintain that number in working order, it’s how the people you share it with reach you. Even if you lose your phone, that number can be reassigned to its replacement by your carrier.
If an online service needs you to prove that you’re the account owner and you have the right to log in to that account, even if the password doesn’t seem to be working, that phone number you gave them is the proof they use.1 They text you a code. Your ability to provide that code when asked proves you have the phone at that number.
It proves you are who you say you are.
It proves you should be allowed access to the account with which you associated that phone number.
The fear
Google will not use your mobile phone number to spy, track, or otherwise compromise your privacy.
They just won’t.2
Yet some people are absolutely convinced that if they hand over their phone number, all of a sudden Google is going to do exactly that, and probably more evil things they can’t even think of.
They fear Google more than they fear losing their account.
I don’t get it. I really, really, don’t get it. If you fear Google that much, then why have a Google account at all? Or why have a Google account that is in any way “important” to you? (If you honestly don’t care if an account gets compromised, then recovery information like a phone number is immaterial.)
Google could do better
There’s one valid reason not to give Google your mobile number: if you don’t have a mobile phone. Google, at least, seems to assume that everyone does, and that’s not true. (Not to mention that SMS may not be available at all times, such as when travelling.)
It’s frustrating, because many systems (such as Google’s own two-factor authentication) use non-SMS-capable phone lines to provide a code at recovery time via automated voice. Why this is not currently available for alternate account verification, I have no idea.
They could also do a better job explaining their reasons for asking for a number in the first place, including how and when that number would be used.
You must do better
I keep saying “when, not if” you run into account access problems, because it happens to all of us, for a variety of reasons. It’s just a matter of time. Without alternate access information, you stand a chance of losing your account forever.
If you have a mobile number, add it to your account.
If you have an alternate email address, add it to your account.
If there is additional information requested that could be used to prove your identity to recover your account, add it to your account.
Someday, you’ll be very, very glad you did.
Do this
Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.
I'll see you there!
I always give my mobile number when signing up for accounts I deem important enough not to want to lose. I don’t rely only on that, as there’s always a chance that might not work, for example, when traveling or my phone gets lost. In addition I have 3 or 4 alternative recovery email addresses. It’s important that at least one of those recovery addresses doesn’t require a second factor of verification when traveling out of the country. For that, I use gmx.com as one of my recovery addresses. It’s a reliable company, coincidentally owned by my ISP, so I don’t expect them to disappear.
I have received many annoying sales phone calls from Google advertisers. How did they get my phone number? I am reluctant to give my phone number to businesses. I never know who it’s going to be given to, despite assurances that it won’t be given to anyone. At one time I had an alternate number that I never answered except for account verification. But maintaining that number cost me money. Why should I have to pay to not be disturbed? Leo, do you know any way around this problem? Why can’t an email address be used for verification?
That is not Google calling you. Scammers often lie to you and tell you they are from a reputable company. Google says they won’t use your number for anything but account verification. If it turned out not to be true, they would be open for civil an possibly criminal charges.
You can give them an email address – look at “Your current email address” in the image above.
I believe strongly that Google does not share the phone number you specify as a recover number for your Google account. Advertisers and spammers have many other ways to get phone numbers.
Let’s look at Google’s history, anytime they want to change what they do with the information one gives them, they just change their Privacy Policy. I know Leo, you are much wiser than I am one it comes to all things computer related, and I totally admit that is 100% true. I also know my email account with Gmail is among one of the oldest as it was a beta deal and I wanted to give the “online” email genre a try. Prior to that I had an e-mail account with my local ISP which was a completely different animal. Gmail/Google has a history of very upset customers due to policy change, merging accounts one does not want merged, and a whole host of other very irritating behavior, and every time one has to weigh the trouble of changing all of one’s contacts, etc. against just doing nothing and let the changes take place. Yes in many cases they gave forewarning of such events, but for you to state quite explicitly that Google will not use ones mobile phone number for anything but proof of identity is foolish.
To further state they would leave themselves open to a lawsuit if they did so is even more laughable. As I mentioned they would simply change the policy and state your mobile phone number will be used for whatever new thing they may deem advantageous to Google as Google sure as hell does not have it’s Customers best interest in mind when they do anything. Google among other massive Corporations has been allowed to become a massive monopoly gobbling up more companies in a given year than one company should be allowed to in a lifetime. The next policy change would explain they are now going to share your mobile phone number with other companies that Google deems you might be interested in due to your shopping habits (or an email that was scanned for key words) or whatever other reason they might give.
Due to extremely weak policies on our privacy rights in the USA and around the world we have to “opt out” of anything we deem unsavory or otherwise distasteful behavior by the companies we do online business with. The reality is we should have to “opt in” to Spam, Advertisements, email address sharing, keyword scanning, and all other objectionable “Big Brother” type behavior by Google, Yahoo, Microsoft etc. Unfortunately for reasons I am not totally sure of other than laziness, greed and incompetence, (and other reasons I do not have the time to rant about right at this moment,) our Internet was allowed to be taken over by Big Business and continues to be headed that way. So yes by all means give Google and all other companies that ask for your phone number for identification purposes your phone number, because everyone knows there is no other set of numbers or information they could have asked for or generated for you to give them in case you lose your password. Right? Ridiculous…
If you feel that way, just set up an couple of recovery email addresses and your account should be just as safe.
Thank you Mark.
I have already done so.. This is why I am questioning the request for mobile phone numbers in the first place, I’ve had the recovery email address set up for years and years, as has everyone I know, and not because I suggested it but because Gmail/Google requested it when they set up their accounts. As a matter of fact on my “second” Gmail account when I failed to provide a recovery email address for months on end instead of allowing me to just log in I was reminded I did not provide Gmail with a recovery email address. So either Gmail/Google stopped requesting recovery email addresses after I set-up my last account or they already have a recovery system in place and under the guise of convenience, because apparently everyone but me and 9 other people in this country text, Gmail now wants one more piece of personal information from us.
I understand Leo’s point of view as well as yours comes from a different place than mine, but I fail to see the need for a mobile phone number as proof of identity at all, except for an agenda not yet revealed. And when Google gets hacked, in addition to email passwords and accounts the hackers will have phone numbers of mobile phones as well. To what end? I am certain I have no idea..
A recovery email address may be as effective as a phone number, but if someone who doesn’t have an email address signs up for Gmail, giving them a mobile number is the easiest thing to do (and safe :-) )
You also have the option of getting ten (?) single-use backup codes. I think these can be used if you don’t have access to yr phone for whatever reason. In my case, I work in a correctional centre, and can’t take my phone in.
That’s only true for two-factor authentication, as I understand it, and doesn’t apply to the recovery scenario. (Would love to be wrong on this – it would be helpful.)
Hey, when you lose your mobile phone, how does the cellphone carrier identify you as the rightful owner?, with your Google account? Why are websites always asking for security questions, if they can’t be used to re-establish your account? So sorry, I don’t agree with you. Google doesn’t NEED my mobile phone number, anymore than the cellphone carrier NEEDS my social security number. It’s a flat out intrusion into our privacy. And I’m not buying into the claim that Google will not sell the mobile phone number. Maybe not in this current environment, but what happens when someone buys Google? Will the new owner hold to the old policy? So if Google is not willing to give me another way to prove ownership of the account, I will have to live with the possibility of the account being compromised, and lost.
Who will buy Google, GOD? They are the ultimate ACME.
In case you haven’t noticed, every company has a limited life. Eventually, their value falls, and someone buys it.
You’re right. Google doesn’t need your phone number. They’re simply asking for it to make things easier for you. If you don’t feel comfortable with that, than don’t. Just set up a couple of alternate email accounts and it’s just as recoverable. I personally think giving my cell # is fine. One more safety net.
Being cautious is wise. Being overly paranoid is exhausting. I just give my phone cause it’s about making my life easier
NO web site EVER “needs” your phone number. You can verify a new account with email verification. Asking anything more than that is way too much. I decided not to use rumble when they wanted email verification, THEN insisted on having your phone number as well, or you couldn’t use the site. Well, FU Rumble. I’m so tired of my information being sold on some list then I’m bombarded with robo calls and sales people. You don’t need two methods of verification. An email is sufficient. anyone insisting on a phone number won’t get my business.
Coincidentally I was just reading past comments at yahoo due to an objection about their new, and stupid, page design.
I happened to run into the thread discussing the stupid, security requirement for a cell number to authenticate one’s
identity. It gives the option to do it “Later” but no “Never” is offered.
Some of us, believe it or not, never have had mobiles and never will. Oh and of course a land-line is outta the question.
As I said in the article, they could support using a land line, as they do for two-factor authentication. I just don’t know why they don’t.
The later option is tantamount to never in that case because they probably will never offer it to you again. You’d have to go into Options to add a cell number. No need to block that option so that if in the future you do get a cell phone you can still do it.
As for the land line option, as I said in a previous comment, some VoIP services like Magic Jack, Skype etc. can receive texts.
First of all, I’ve never had, nor will I ever have a mobile phone.
I’ve put my cordless handset in my coat pocket and found it there 40 miles later at my mom’s, but no dice.
Secondly, I just don’t think my You Tube account is all that earthshattering to lose, even if I do have some of my own content.
I don’t use Gmail and I killed off my Plus page because it was being used by outside parties as a discussion group in an Arabic language anyway. That was over two years ago.
Some yayhoos can always deface my insignificant websites I’ve joined, and they do for giggles. I’ve been an 8 year old for 43 years, been online for twenty years, I’m not going to die from it. I don’t face or twit.
Your mileage will vary.
Love it!
pretty much same and i put in recovery email and that is not good enough they want the number or no sign in so to the ones saying recovery mail fixes it not true at all anymore maybe once upon a time not anymore just like google
For several years I have used a Google Voice number as my primary. I suddenly realized that I also unthinkingly listed it with Google as my recovery phone, and how foolish that is — if someone took control of my account, they’d have that number in their control too!
So thanks Leo for jogging my thinking. (And yes, I changed it.)
Good post! If you are worried or have problems with calls you don’t want sign up on the national do-not-call registry. It has worked for me, and I rarely get spam calls. Plus, with a smartphone it is very easy to monitor incoming calls and just ignore the ones that come from unknown sources, then block those numbers. Works like a charm. The big issue I have encountered is that when traveling out of the country where your mobile phone is registered many of us have no service and no way of receiving texts or calls on that number, meaning you can be locked out when Google decides that you are logging in from a suspicious IP address. This is a common occurrence experienced by travelers. If you are on the move you might get locked out every day, or even more often, requiring time-consuming account recovery, especially if you don’t have alternate email addresses on another provider that don’t require elaborate authentication to access.
Those are situations where having a couple of alternate email accounts for recovery and authentication are so important. I live in Germany, and when I travel to the US, I can receive text on my German phone in the US, and it’s free. Before traveling, you’d need to check with your provider about receiving texts out of the country.
Zepher, I have both a land line and cell. I signed up for the federal do not call list and it worked for a few years but now I get 3 or 4 calls a week on the land line. I’ve reported the numbers but it doesn’t work. Signing up with the do not call list a second time hasn’t helped. According to the news most of the calls are originating over seas and they are somehow making it look like the call is coming from a US area code. There is no way to stop them. I just don’t answer the phone and reverse lookup the number. If the call is legit I call them back. My doctor, Vet, family and friends are the only people I give my cell number to.
My wife and I don’t have cell phones. Why can’t my landline phone number be used as a secondary verification. Of course Google could not text my landline but they could call and leave a 10 digit code number on my answering machine that I could then use to access my gmail account. Why is the above scenario not a possibility?
As I said in the article, I don’t understand this either. They do support voice-only land lines for two-factor authentication. Why they don’t support it for account recovery is beyond me.
But as I’ve discovered looking for a solution to this. VoIP services like Magic Jack, Skype-in and others allow you to receive texts. They’re not free but they are relatively inexpensive.
I have to agree with the sentiment that this step is not acceptable in an account set-up. There is the option to supply a different e-mail address, and this can be done easily enough. Furthermore, the blatant assumption that everyone has a cellular telephone, and even more so that those who do have cellular units automatically have smartphones or texting capacity, is ignorant on the part of Google (or any other supplier). I not only do not have one, I have many friends who do not have a cellular telephone. It is not as rare as you might think.
Properly set up security questions, as well as a back-up e-mail address should be all that is required.
I think supporting a land-line would address the first part of your comment, and I wish they would do so.
The problem with security questions is that experience shows people don’t “properly” set them up. Either they don’t remember the answers (amazingly common), or they answers are easy to discover publicly. This is why most providers are moving away from using them at all, in favor of alternate email addresses and phone numbers.
I’ll agree that verification by alternate email is probably just as effective as using a cellphone. I would guess that the average user doesn’t have a second or more email address and many wouldn’t be able to set one up. For them, the phone verification is much easier, and it’s absolutely safe! If you don’t trust them, then I’d say you’re just as protected with a couple of alternate email addresses.
If you have a Google account, a real good way to not loose your account info is to simply type it in as a note to your cell phone (i.e Samsung’s Memo). This way you don’t have to worry about giving out your cell number & as long as your phone remains secure, you will always have your account info handy. For those without a cell, write it down on paper, then put that paper in your wallet/purse. Problem Solved.
If you mean write down your password, that is not a good idea for a couple of reasons. 1. That won’t help if Google wants to verify your account when you’re using a different computer or device. 2. Writing your password down opens you up to someone finding that piece of paper and getting into your account.
Hi I tried to get a new Google account, but I have no mobile phone # or phone! so that was it . I only have a Land line, no new Google new account for me I guess.
Of course Google can give your phone number to someone else. It can give it to the police, if presented with a legal document. You don’t want that. In some parts of the world, no phone number can be anonymous. You can’t have one unless it’s tied to some official ID.
It’s funny how few people take that possibility into account, as if it could not hit them personally. The police only come after bad guys, and I’m a good guy. Think again.
If you’re that concerned I don’t understand how you can have a Google account at all. The police can just as easily use that to trace you as a phone number, if they have the appropriate legal standing in your country.
We continue to use gmail because we have established addresses, created “anonymously” in the past. What’s mystifying is the causal indifference in your defense of sharing personal identity with google. Mobile phones are registered with complete identity information that makes every email, text or search in your google account family exposed to information correlation, retention and sharing with other businesses and authorities (warrantless, to boot).
Your article seems disingenuous.
The reason to give your phone number is to be able to secure your account. There is nothing disingenuous about that. If a person is going to use any technical services at all they will not be 100% anonymous. It’s a fact of modern life. In other words, if you have a Gmail account at all then you are trusting Google with sensitive information. So why suddenly become paranoid about your phone number?
If you are afraid of Google having your number because of all of the information associated with it, I believe you are exaggerating the issue. If personal information could be had from knowing someone’s phone number, then anyone who has your business card could get that information. A mobile phone company would only give that information to law enforcement officials with a court order. The only problem I could see is if Google chose to misuse your phone number they could sell it to telemarketers which I believe is illegal regardless of privacy policy. And if discovered it would kill Google’s golden goose for a few eggs.
Your assuming that those relationships don’t exist even before the phone number is handed over. I stand by my position: I don’t believe Google has the agenda you fear, and the number is, truly, about getting your account back in the case of eventual compromise.
Paranoia that is really so far out there, its crazy. My bank account was recently hacked and the theives started out with small amounts, all to my good luck. I have a national brand email account other than Google but I do have gmail as well. Naturally, the hack occurred on a Friday night, when real people aren’t available to help with questions that go beyond the normal “FAQs”. What started out being a text alert from my bank stating that my recent password change was successful, I decided to check my account. Obviously I couldn’t get into my account because someone other than myself had changed the password. Now in panic mode, I decide to check my email for any messages from my bank. Well, as luck may have it, I couldn’t get into my email account either. Fortunately, I do have several email accounts which I use for recovery issues such as this. Having dealt with getting my email access back because of having alternative email for recovery, I checked for any messages from my bank which there were none in my inbox. For some unknown reason, I decided to check my trash folder and I discovered one email from my bank saying if I was not responsible for updating my password that I should immediately contact my bank. With it being late Friday night, I was not going to speak to a real person, therefore I would have to wait until Monday morning before I could get anything accomplished. Also, as a side note, my investment account can be easily accessed thru my bank account once you are inside of the account. My investment account had a seven figure cash balance, just to give this some perspective as to the serious nature of what happened. Once I had gotten back control of my email and my bank account, I was amazed at the damage that was done and at what could have been done. With control of my email account, the thieves were intercepting all emails coming from my bank. Apparently once my email was hacked, the culprits surely did a search for any emails from banks. In doing this, it would have been really easy to ascertain which banks I deal with. From that point, going to my banks login site and stating forgot username, the bank would email a link to correct this. Then the same with my password, all of this going to an email account they now controlled(the thieves). Now they are in my bank account that easily, along with access to my investment account by clicking a link on my accounts page. In my account I found three payments totaling $1200.00 that were to people I didn’t know and these payments were set up to pay them using various email addresses. The thieves also transferred $10k out of my investment account into one of my three different bank accounts, my assumption is they were testing what could be done within the website and quite possibly what limitations in amounts might exist. Fortunately the $10k didn’t leave my accounts, basically just moved around. After finally being able to notify my bank about the fraudulent transactions, the bank required that I open a new account, which also meant that I had to go to a bank branch to show I.D. along with new signatures, etc. etc. So that I would have time to download all statements and other things, the original person that I spoke to earlier that morning placed a freeze on my money in all accounts as well as placing a negative balance of $700k on my hacked account. So after going to get things done at the local branch, I thought all was good. Unfortunately the person who helped at the branch removed the negative balance in my original hacked account which allowed for three ACH withdrawals totaling another $6k. The bank assured me that I was not responsible for any financial losses, but the time and aggravation of dealing with all of this seemed to be never ending. Thinking this was all behind me, I received a letter about two months after this incident from the IRS stating that my tax payment of over $100k bounced because my bank information was incorrect. I neglected to check and correct my banking info for the IRS to automatically withdraw the payment from my bank. This has been quite long, I understand that, but I just wish to emphasize how important it is to have a two step authentication process, which was suggested to me by the fraud department at my bank. I now use the two step thru text messaging on my phone for every email address, bank or whatever. Just to note, although I lost no money thru the fraudulent bank transactions other than my time, it did cost me around $1,000.00 to the IRS due to late fees, penalties and interest. Now a thief will have to have my cell phone before he/she can hack my email accounts. I hope this helps people understand some of the never thought of consequences of not using the two step process!
In Europe, all bank transactions must be verified by a TAN (transaction account number) before any money can be moved. Most now allow the use of mobile TANS via SMS text. Many still use a printed list of one time TANs which is also safe, as long as you keep the list protected. I scan mine and encrypt the file. Then I shred and flush the original list. Be careful when flushing that you don’t cause a data overflow in your toilet :-).
I seriously don’t understand why the US is so backwards in their banking.
Very good article, Leo.
Just my two cents. I don’t have any problem giving my cell phone number to Google. As of this writing, I am on Google where I had to log in and received a code in order to access my account. My question though is: Why on earth, Google doesn’t acquiesce my request “Not to ask for a verification code on this computer”?. There’s a check box with that phrase right below the field where one has to enter the code. I always put a check mark in that box, but whenever I try to sign in to my Google’s account, they keep on sending me a code.
My point is if you say something, you have to abide by what you say. BTW, I am the only one who have access to my computer. And I also have two Google accounts, which means every time I am subject to receiving two codes since I always login to both accounts. To me, that’s very annoying and hyperbolic.
Google’s setting to “Not to ask for a verification code on this computer” works on my computers. So you may want to look at your own personal settings of your browser to see if something there is causing your problem. For instance, if you have it set to delete cookies as you exit, then Google (or any website for that matter) will not be able to remember you.
Thanks for the reply. I think that is probably why. My settings are to delete cookies on exit. I am going to change that and see what gives.
Thanks again. I’ll post back.
If you regularly clear cookies that’ll cause Google to “forget” your request.
@Connie (Team Leo),
I have just checked my settings and the problem didn’t have anything to do with cookies being deleted on exit. My mistake!. I thought my settings were to delete cookies on exit, but that was not the case. I didn’t add any site to that regard. At any rate, I took the time to review my main settings in the Privacy section and in all likelihood the problem seemed to have been related to: “Automatically send usage statistics and crash reports to Google” whose radio button was at Off; and to: “Keep local data only until you quit your browser” whose radio button was at On. I switched them back to “On” and “Off” respectively and that seems to have resolved the issue; because after that, I logged out from my Google accounts (2) and logged back in again. This time around, I didn’t receive any code to enter.
Thanks again for your help.
Google, whom I have renamed Ogle, is only as safe as their character. A couple of years ago I bought a Nexus 7 tablet from Verizon for the ridiculously low price of $49 and only $10 / Month. Steal right? One day I was perusing through the technical information and came across Google App Permissions. To my shock it granted itself full access to your cameras and microphone with the ability to record video, pictures and audio, WITHOUT YOUR PERMISSION OR KNOWLEDGE!!! This gifting occurred by the act of merely owning the device! I took the tablet back to Verizon. They informed me I had only 14 days to return it and I had already exceeded that time limit! Seems someone at Google realized that if anyone came across this outrageous and blatant usurpation of personal security and privacy they would immediately try to return the device so they made the refund period so low that only the most avid technophile was likely to discover the breech within 14 days! I kept the tablet in a tin Charles Chip can for the next 2 years until I could cancel service. I tried to interest a couple of TV news outlets, but shockingly they showed no interest. This is absolutely scandalous. It’s a government spy machine and I told Verizon’s employees they better tell the girls some pervert could be spying on them in their bedrooms and taking their pictures!!! Last I looked, they’ve reworded things slightly, but nothing has changed! Why doesn’t anyone sound the alarm over this? It’s Big Brother and we’re just acquiescing and letting it happen without a whimper!!!
I recently have removed my cell number from Google, because unfortunately the cell phone companies will let LITERALLY ANYONE who knows some basic information about you (your home address and phone number, for example) to change your number to another cell phone. Once they have a phone that receives texts to your phone number, it is game over for any account that can be recovered using that number. This unfortunate scenario happened recently to a guy named Cody Brown, and ultimately resulted in the loss of thousands of dollars worth of Bitcoin. Read up on it over at https://medium.com/@CodyBrown/how-to-lose-8k-worth-of-bitcoin-in-15-minutes-with-verizon-and-coinbase-com-ba75fb8d0bac
Some people still have no mobil phone, me being one of them, so whats the alternative?
There are some online phone services which give you a number and allow texting. An easy one that comes to mind is MagicJack.
An alternate email address.
I gave the alternate email account and received verification code but even-though I couldn’t access my gmail account
The fact that using a cell number for authentication is on of the least logical and least secure methods, and yet Google, Yahoo! and everyone else is rying to pressure people into providing it, is what causes the suspicion. These companies all have a poor track record when it comes to honesty and protecting privacy, so when they take such an illogical approach and close all other doors, people rightfully suspect they have an anterior motive.
Thanks Leo for the service you provide.
Here is my current problem.
I have a trusty HP desktop running XP with a number of old, mostly engineering programs, like PSPICE, that I hold dear and only use for non-commercial projects at home, perhaps once or twice a year. So I keep my old friend (and programs) in mothballs, disconnected from the internet to hopefully preserve its integrity and usefulness.
That said, very recently I discovered that I couldn’t print “anything” from my XP machine. My HP LaserJet 6L (parallel, non-plug and play interface) works fine, but remains comatose as far as the two working together goes.
I’m writing to you from my Windows 10 (W10) ASUS laptop on the internet. What I want to do is download new drivers from the net to a flash-drive on my W10 machine, that I can than use to transfer the new drivers to my XP machine, to hopefully restore my printing capability from same.
Can you help, Everything I’ve found on the net seems to require an installation program that works (runs) only on the target download machine, my W10 machine in this case.
Two solutions come to mind: getting drivers directly from HP for that printer. That’s an old enough printer that what they offer may only work on XP. If they offer anything at all, that is, which could be a bigger problem.
Another solution is to try something like a print-to-pdf driver – like CutePDF – and install that in the XP machine. Print to PDF, then take the PDF to your Win 10 machine that can print normally. Big caveat here is to watch for PUPs when you install the print-to-pdf driver.
Thank you for this article. I wanted to ask a question and this article came up on search of this site.
I have a Google account I set up in the days before they required a mobile phone; ditto for my YouTube account. They now consider my YouTube account a subset of my Google account, which they call a
“Brand” account. This is a helpful feature I use when posting on YouTube.
I now need a second Brand account for another Google-owned forum. A website I formerly belonged to has closed down and some of the friends I had are posting on G+ … I want to be able to use the name I used on the prior forum for this purpose.
Keep in mind again that a Brand account is merely a subset of a Google account.
The problem is that when I try to set up my second Brand account it is essentially like creating a new Google account in that they are now REQUIRING a mobile phone number. I do not have a mobile phone.
There are numerous services online that offer temporary mobile phone numbers for this purpose but none work, either the message is “number has already been used too many times” or just “Google can’t use that number for verification”. I don’t know anyone I would ask to borrow their mobile phone number either.
I would be perfectly willing to offer them several alternate email addresses for verification but that’s not good enough for them and neither will they accept my landline phone number to create the account.
If you folks have no workaround to suggest for this I’d like to simply consider this post as an underscore to Leo’s observation above that it seems as if Google could accept a landline phone and offer a voicemail validation code, at least to setup a sub-account for an account in good standing.
There must be many people out there who have no mobile phone but because no one can contact Google they appear to be blissfully unconcerned about this problem.
Just a few words: Who do you guys work for?
The future World Wide Phone List Co?
Fairy tales are long worn out.
I am not interested in texting, receiving texts or using passwords on my cellphone. I have one for emergencies. I guess this is the end of my gmail account.
You would only need to receive a text message in the event you are locked out of your account, for example, if you forget your password, or in some cases, want to access your email from another location. If you don’t want to receive a text from them, you can also set up a recovery email address or two which you can use to verify your account. Google doesn’t use your phone number for anything else.
Adding a phone number is optional. This is what Google says about it on their website:
Phone number
“If you have a mobile phone, this info is optional but highly recommended. Depending on how you add a phone number to your account, your number can be used on different Google services. For example, if you forget your password, your recovery phone number helps you get back into your account”
So this is interesting, i have setup hundreds of Google accounts for access to our Company Tech drive which is synced to the company Google Drive account. I estimate about 60% of the time a mobile is requested before the account can be setup , the remaining accounts a mobile is optional, have no idea why this happens , was very annoying initially setting up the user accounts with existing employees as they are spread out across the country. With new accounts i am usually setting up a new phone with the new employee so not such a big deal.
I created my gmail account more than 10y ago, there was no mobile numbers required for verification. I even don’t remember the exact month & year of creation.
Hence, now if any of my marketplace friends, which they are my competence also, want to sign in to my account, it will be very easy for them to do it. they’re already have my username and my cellphone No. and by providing them to Google Service they could access my email easily.
what a stupid way to verify an account ownership!!!
It’s not stupid at all. It’s actually a secure system. Just knowing your username and cellphone number isn’t enough to get into the account. They would need to have the phone with the phone number registered to the account in their hand in order to receive the password reset code.
You should make sure to update/add current alternate verification mechanisms to your account.
Its stupid to give especially to Google who have been known to steal information and sell it on without permission. Google have also been caught recording phone conversations and even video by switching on cameras on peoples phones. Google cannot be trusted and will without fail read all your Gmail
The whole Google play store system is designed to steal and track you, knows everything you buy everywhere you go
Its so dumb to give it to these crooks
Needless to say, we disagree.
I put my land line number by mistake and now gmail verification code is trying to send it there to no avail and meanwhile I can’t change my password or anything since I do not receive the land line verification code. I did change it to mobile phone but the verification code is still going to the original land line. Gosh what do I do – gmail team is not reponding.
what if your account is hacked and compromised and they get your number and change it or delete it or put their own number into it then what?
If your account is hacked then of course they can change whatever they like. It’s an important part of account recovery to make sure you set appropriate recovery information to begin with, keep it up to date, and check it once you regain access to your account. Adding your phone number does not put you at more risk, but rather gives you more opportunities to recover your account.
I am in the same predicament. I am not going to give Google my cell phone number. I rather lose the account.
I am a software Engineer that used to work for a particular hi-tech company. I used to be asked to add features that left me uncomfortable. Therefore, the notion that Google will not use that phone for anything else is naive at best.
I have this google account since 2010. Previously, I used it only to watch youtube videos, but fairly recently I started using it to post comments on the YouTube mainstream channel news videos. Almost all of my comments contain constructive criticism of US foreign policies vis-a-vis Venezuela and other part of the world, and also some criticisms of Israel as well. Then all of a sudden, Google locked me out of my account and is asking me to provide a cellphone number.
I have a feeling the criticism of Israel may be the reason for locking me out.
Chances are it’s not Google deciding to lock you out on its own. What I’m seeing more and more are people causing problems by reporting posts that they disagree with as spam or terrorism. The automated systems then at the hosting site then see that and take (automated) action. It’s a very flawed system, but I can see exactly that happening out at YouTube.
Do you work at google? Do you know the inner workings of the company? If not, then at best, you’re just guessing. How do you know Google doesn’t have a system that auto-detects negative comments about Israel and flags the responsible account for review/suspension?
In any case, I had a similar experience when I started posting comments about Israel and how they were treating Palestinians. I recently got suspended and was asked to provide a phone number to sign back in.
They are trying to de-anonymize people by tying their real identities to their youtube accounts (via the phone number). Given the latest Project Veritas revelations, Google definitely has a serious political agenda and I’m pretty sure this is it. They want people’s identities so they can target them at a later time.
I’m sorry all that happened to you, but I just don’t subscribe to that particular conspiracy theory.
This could have legs……
Originally the 5 Eyes were only surveilling, Radio, Mobile and fixed line communications through the ECHELON project , bet that’s expanded to include on line comms through any source they can get into (everything in other words)
I am not fond of giving anymore than i need to these companies, there is no knowing how they will use or misuse or on sell in the Future, we know that Google and Apple and Amazon all record conversions for quality improvements to their AI / Voice recognition programs without our Knowledge, well we know now that they have had to come clean.
I want to create a second gmail account and go through all the usual questions. At the end I am assked for a phone number for confirmation purposes. I have tried my i-phone number and my landline number and and a made up number. Google says none are acceptable. So what the hell do they want?
The error message from Google should provide more details, but in general they want a phone number to which they can text recovery codes — in other words a number that supports SMS.
A few things I can think of are that you may have included hyphens or spaces in the phone #. Some websites only allow numbers. Or possibly, you aren’t including the +44 country code or possibly, you are including a zero after the country code as part of the area code prefix.
No! Way should you give out your phone number to any tech group, including google. I’ll let all my gmail account go first. You never know how it will be used. Think of Facebook and the violation of your privacy after all the promises to keep you in charge.
Well, as the article above outlines, I disagree with that position.
I fear i’m being targeted by Google also. I’ve used my landline number in the past to recover accounts that they mysteriously say now have ‘suspicious’ activities. Of course they never tell you which suspicious activity triggered the disabling of my account. But at least in the past i could have them call me with a voice number to verify my ID. Now they won’t even accept that. Now they will only accept ID texted to a smartphone. For some reason they no longer accept a number emailed to my recovery account.
Google demands a smartphone number and nothing else will do! What of the many people who have been using gmail for many years that have never owned a smartphone and for their own reasons don’t want to ever own one? Is it right that they should be locked out? Their reason for not owning a smartphone is no one else’s business. Especially not google’s. And it’s only a germane for Google if they plan to discriminate against some people but not others.
As for why Google demands a smartphone number, it doesn’t matter as they shouldn’t be able to make that demand on someone that created the account before the new rule was implemented. If i was ever told that a rule like this would ever be implemented, i would have never had an account with Google in the first place.
There is no valid reason that Google should be able to disable my account without me being able to recover it in some other way. Yes, i’m a conservative that comments on different blogs. Since not being able to recover an account is only a recent problem, i do think i’m being targeted by Google. I wish i didn’t have so much information in my accounts with them, but it is what it is. I feel trapped by them. I feel trapped by an evil company. Oh, they’ll be good to you if you’re a liberal. At least for now. But when they’re done with me, they’ll come after many of you later. You’ll find this out when they start making your life as complicated as they’re making mine right now. And Google wonders why so many people hate them right now. I’ve done nothing wrong and i’ve never made any kind of threat on any blog anywhere.
They start off slow and ratchet up the pain over time. They’ve gotten far more than their nose under the tent at this point. They and the other social media are coming after conservatives and i don’t think it’s legal.
Leo, we need smart people like you to start looking at this with a more skeptical and less trusting eye. Google is not the ‘good’ company that you think it is. They are in the process of hurting many innocent people and it’s going to get worse. They are being partisan, but even if they weren’t being partisan, it would still be wrong to do what they’re doing.
I want to get their foot off my neck. I don’t want to dance to their tune. I don’t want to turn my personal life over to them. And if i can recover my accounts, i’m going to start taking immediate steps to get away from Google. Because in my wildest dreams i never thought it would get this far. Unfortunately, i know that to a certain extent, i’ll never be able to get Google completely out of my life. They’re just too ubiquitous. And it’s a shame they feel they have the right to get involved in this way. If they had minded their own business, they’d have been more loved than hated. All i want now is to be as far away from them as i can get. Too bad that i need to recover my accounts. It forces me to deal with them.
Google does not require a cell phone number to open an email account. Google has optional fields to enter recovery phone numbers and email addresses; they aren’t required but it’s dangerous not to enter recovery information.

This is what I see as well. However there are anecdotal reports that not everyone is seeing the same thing, and that in some cases — for reasons unfathomable at this time — Google may insist on a mobile number. I question whether that’s actually the case, though. I think it more likely that the interface is unclear and that digging down deeper would allow a land line, or other recovery information to be provided instead. If my theory is correct then I still blame Google, but for poor UI/UX design.
“I question whether that’s actually the case, though. I think it more likely that the interface is unclear and that digging down deeper would allow a land line, or other recovery information to be provided instead”
I have setup hundreds of Google accounts for access to our Company Tech drive which is synced to the company Google Drive account. I estimate about 60% of the time a mobile is requested before the account can be setup , the remaining accounts a mobile is optional, have no idea why this happens , was very annoying initially setting up the user accounts with existing employees as they are spread out across the country. With new accounts i am usually setting up a new phone with the new employee so not such a big deal.
And no i am not mistaken
As you can see from Leo’s answer to my comment, Leo agrees with you, some people don’t get the option of skipping the mobile phone number.
Google WILL use your mobile phone number to spy, track, or otherwise compromise your privacy. They just will.
Not true but believe what you want.
Clearly we disagree. I hope you have other ways to recover your account.
This article does not have all of the information.
First of all, when you set up an account, you can use an EMAIL or a PHONE NUMBER as a recovery option. However, IF you use an EMAIL address, Google is going to come back later and force you to provide a phone number. The lingo is
We’ve detected unusual activity on the account you are trying to access. To continue, please follow the instructions below.
Provide a phone number to continue.
We’ll send a verification code you can use to sign in.
Google will do this IN SPITE OF the fact that it has a recovery email that it COULD use! There is a reason for that!
In addition to that, Google could be bought out in the future. Right now, Google is a strong company. So was Netscape. So was Yahoo. So was MySpace. So was AOL. What do ALL of those companies have in common? Their business value decreased over time, they were sold and ALL of the information you provided to them went to the highest bidder! Dynasties come and go! Companies come and go. YOUR INFORMATION, however, goes along with them and then it falls into the hands of marketers. Google may agree not to do certain things with your information, BUT a company that purchases them may not!
In addition to that, Google’s rules change over time! Think about Facebook. At one time, your account data WAS far more private than it is today! Rules change! However, once they have the information, they have it and that’s it! Now, you may ask yourself why your phone number would be important. Google already tracks you to a high degree if you use its apps on your mobile device. Marketers track you too. Ever go into a grocery store and enter your phone number for their rewards program? Ever sign up on a company’s website and use your phone number? Why do you think they want that information? It is so they can put your purchase data into their system to do data mining. By tracking you with your phone number, they can see what stores you shop at, when you are most likely to shop, where you are and how much you spend. Companies can even tell WHEN you have your phone on you and when you don’t.
Now the truth is that Google ALREADY knows a lot about you! Your search history isn’t a secret, which is why you can go to Web Activity and actually VIEW IT – even after, AND IN SPITE OF THE FACT THAT, you delete it from your browser! Adding your phone number is another link in the data picture they are putting together of you. It is NOT a benign action! YOU just haven’t figured out what they are going to do with your information OR what they are already doing! Google didn’t make its money by not using data! It USES DATA because DATA IS VALUABLE!
If you want to secure your account, USE A RECOVERY EMAIL AND NOT YOUR PHONE NUMBER! If Google comes back and makes you provide the number, which it will, you can then decide to provide it or not, but trust and believe that Google is using that information to increase the accuracy of its data for marketing purposes!
If you are forced to, get a temporary number, add that number and then disassociate that number. Don’t use your real cell phone number. Also, please be aware that Google will not allow the same number to be used to validate an unlimited number of gmail accounts. They limit a number’s usage.
I have a computer science degree and over 15 years of experience working in some of the top companies in the world.
This article is lying to you.
Why don’t you throw in your SS number, perhaps your address and a few credit card numbers while your at it.
I’m sure Google pays millions a month for servers to store this information..
.. to help you…..
At the bottom of this very page, in fine print:
Disclosure: I may receive a fee for purchases you make through links I provide to the products mentioned here on Ask Leo!.
They’re certainly not paying me to recommend that you give them your phone number. Did you by any chance read the affiliate disclosure that the footer references? I’m guessing not.
As this article states it is ALL about account recovery. And if you don’t trust them with your phone number, why in anyone’s name would you use their service at all? If you don’t use Google’s services, then this article doesn’t apply to you.
What exactly do you think Google is doing with the phone numbers?
I believe Google (aka Big Brother) is a huge infiltrator of your privacy, track / monitor your usage, target you for marketing pitches based on that usage, and provide your data to others for marketing purposes. Case in point, just received a Text message from Boston Medical group offering Meds. There is an option to “Report Spam” which when clicked, says “the spammers last messages and their number go to Google”.
Then there is “learn more” which takes you to “support.google.com/messages etc.. Ummm… why is google in any way connected or associated with my Text messages? Shouldnt text message spam issues be through my Carrier rather than….Google?
The “learn more” Url includes a ton of code like _spam&vist_id=637099784449xxxxxxxx&rd. Seems like a lot of info about that text message is, without my consent, being pulled from my phone from …Google.
Just my .02
My assumption is that your phone is Android based, which was developed and most of the native apps provided by … Google. If you fear Google you should not use an Android based phone.
For the first time Google is now asking for my phone number to validate me. Not my recovery email, mind you, my phone number. Ya know – I don’t trust them. Not even the feds want my phone number to access my social security or passport info. Just another way for Google to sell me. So I’m going to go with the consensus – F*ck Google. I need a new phone anyway – iphone/apple hear I come – and ditching the Google life.
So you’re OK with Apple having your phone number then (not everyone is). Cool. As long as you set up proper account recovery information and keep it up to date so that when something happens you’ll be able to recover.
yes 2020 recovery email is not enough for real they want your number and not for security reasons thats for sure it must be like gold to them data collectors hard to trust google anymore
And what about “sim swap attack”?
Is giving phone number to Google a real protection of account?
Don’t give more information than you have to.
Giving Google your phone # allows you to recover your account. If you’re OK with not having that protection and possibly losing your account, then fine.
OH MY GOD !!!!!
HELL NO!!!!
After all the DAILY news about hacks, data breaches, etc. YOU’RE an idiot if give any of your personal information to any online business these days !!!!!!!!
Most of those articles on devastating hacks are overblown sensationalist clickbait.
Leo wrote a tip about that:
“Tip of the Day: Headlines Are Written to Make You Click. …Some call it clickbait, others call it marketing, I call it misleading and frustrating.”
The One Thing Every Non-technical Person Needs to Know
Needless to day I disagree.
>Google will not use your mobile phone number to spy, track, or otherwise compromise your privacy.
sure they don’t…
>Google sued by New Mexico over claims it spies on US students
https://www.bbc.com/news/world-us-canada-51591420
Be sure to report back with the eventual outcome of the suit. Being sued is not being guilty.
compromise your privacy.
sure they DO
I’ve never add to recover my account but I but wouldn’t adding your phone make you more susceptible to sim-swap attacks? Would having an app based 2FA on your account mitigate that? Is it really as simple as getting a code by sms? I can’t imagine that with 2FA enabled it would be that simple to recover your account but I can’t seem to find much info about that. Also, I know this is an older article but I saw Mark mentioned adding several recovery address. I can only add one. Am I missing something or did it change since.
Some accounts allow several alternate addresses; others allow only one.
App-based 2FA is better than SMS, but SMS 2FA is better than no 2FA at all.
I just got a letter from my bank saying that they are now allowing users to choose whether to use the app or SMS text. A year ago, they stopped SMS as a second factor and insisted on the app, but now they’ve mad the app optional. My guess is that they wanted to make online banking available to people without smart phones.
The app is actually 3 factor; you not only need to prove the account is yours via owning the phone but then you have to log into the app with an app password or fingerprint.
Google requires a phone number because it’s either convenient or useful to them, not because it’s of value to you. It may not (although it may very well) be malevolent in either goal or use, but it’s not for your benefit, it’s for theirs.
Someone asked to use my phone # for google voice on her PC so we could talk back and forth, she just needed the code sent to me. My question, is this safe to give this person the code so we can talk.
It will give this person the ability to impersonate your mobile number. Is that what you want? Do you trust ’em? There are many other ways to talk.
Too many companies now require mobile numbers just to sign up. Our family recently bought a new wireless router that, just to access the control panel via URL, required us to give them our mobile number AND sign a privacy policy. We returned it and went with a hard-connected security router.
Today, we needed to interact with the support team for a service we bought. They instructed us to reach out to them via Discord. We tried to sign up but need a mobile number. We canceled our service.
We’d been shopping without a hitch on Ebay for many years. To use Paypal to manage payments, you guessed it, we needed to give them our mobile number. So we stopped using Paypal & are now supporting smaller online sellers that respect our family’s privacy prerogatives.
We’ve had the same Gmail account for about 20 years since the company started. No problem at all ever. We (husband/wife) have linked our accounts together in case there’s any problem. Now Google, too, needs our mobile number? There are far too many privacy-respecting email services available to feel obliged to divulge our phone numbers to Google. Hello Proton Mail.
We’ve discovered the one sure-fire way of getting spammed to oblivion is to share our email addresses or phone numbers with companies. No matter what they promise, eventually we get spammed. How did we stop this? By never giving out our real email addresses and by never sharing our mobile numbers.
Mobile numbers aren’t passports. They aren’t national ID’s. We shouldn’t be obligated to divulge personal, private data to corporations that have proven time and again that they’ll gladly prioritize their own interests far above those of consumers or the general community. So if a business “needs” our mobile number, that’s a business our family doesn’t need.
I’ve had the same email account for 35 years, and aside from the times the server was down, have never once had a problem accessing the account.
“You’re not that interesting” is an anti-intellectual gaslighting technique.
No, we’re not that interesting, the myriad entities that want our personal info are not interested in observing us for entertainment, they want our info because they think they can make money with it, either by selling it, showing us ads, telemarketing, scamming, etc.
That we don’t need to fear privacy invasion because we aren’t interesting is an old manipulative canard offered up by scammers themselves.
“What, you care about your privacy? Who do you think you are, a celebrity? C’mon hand it over, nobody cares about you!”
If we’re not that interesting, stop asking as so much about our private details.
That way we won’t have to bore you with our oh-so-mundane details. Problem solved for everyone.
By the way, would you care to enlighten us how a phone number serves the interest of security when ANY phone number can be used? How does Google know that it is your number? Google doesn’t confirm that it belongs to you. Google support even tells phone-less people to use a friend’s cellphone. Oh yeah, it’s about security. A scammer can just use a burner phone to confirm.
It makes zero sense from a security standpoint, and the only reason that stands up to actual logic is that they want it for data mining.
Not that Google mines data, of course. After all, we’re all so uninteresting they wouldn’t possibly care about our boring details. I mean, who do these “privacy” people think they are anyway? A bunch of narcissists if you ask me!
To be clear, you as an individual, are not that interesting. Data collected from masses of individuals, of course, is extremely valuable.
Google confirms the phone number by texting a code, in the usual manner. You have to prove you have access to it before they’ll associate it with your account.
Never been accused of gaslighting before. That’s new. I fear the term is starting to be overused.
If what Leo wrote in the article weren’t true and was for the purpose of misleading people, it would have been gaslighting. Since what Leo is saying is true, it’s not gaslighting.
“Gaslighting is a colloquialism, loosely defined as manipulating someone so as to make them question their own reality.” – Wikipedia
If we ever find out that Google, Microsoft, or other website is misusing date, we won’t hesitate to warn people.