Gmail email security options, should i only have 1 instead of 3 setup?

[SnoopZ]

I've been reviewing my Gmail accounts which only had a weak password for logging in, these have been changed via Bitwardens generator so it's completely random and i have also set the MS Authenticator app on my 2 mobile devices.

My confusion is now i have also setup other login security options as below and im concerned whether i should disable these and just rely on the MS Authenticator app?

Access to my mobile devices is via biometric fingerprint.

Should i remove the below options or keep them, my recovery options are text message and backup email.

Text code to phone (isnt this bad if my number got spoofed?)

Google Prompts to both mobile devices

 

 

[+Warwagon MVC]

On 11/03/2023 at 08:12, SnoopZ said:

Should i remove the below options or keep them, my recovery options are text message and backup email.

Text code to phone (isnt this bad if my number got spoofed?)

Google Prompts to both mobile devices

The odds of your phone being spoofed is slim, but it's also the weakest link. Personally Once I enable an authenticator, and backup all the QR codes  (in case I have to restore my athenticator on a different phone) Then I disable sms

I also print off a list of backup codes, but to my surprise those codes are pretty worthless. Yes they will act as an authetnicator code, but then Google also says they sent you a verification code to an email address you are trying to get into ..WTF Google.

I also recommend adding the authenicator to all your devices, phones and tablets.

[SnoopZ]

On 11/03/2023 at 19:02, Warwagon said:

The odds of your phone being spoofed is slim, but it's also the weakest link. Personally Once I enable an authenticator, and backup all the QR codes  (in case I have to restore my athenticator on a different phone) Then I disable sms

I also print off a list of backup codes, but to my surprise those codes are pretty worthless. Yes they will act as an authetnicator code, but then Google also says they sent you a verification code to an email address you are trying to get into ..WTF Google.

I also recommend adding the authenicator to all your devices, phones and tablets.

I've mirrored ms authenticator to my 2 mobile devices can't stand Google authenticator with no biometric login, I've got recovery emails setup too so I will disable SMS.

What about device prompt login, that kind of makes everything else pointless doesn't it?

[+Warwagon MVC]

On 11/03/2023 at 13:15, SnoopZ said:

I've mirrored ms authenticator to my 2 mobile devices can't stand Google authenticator with no biometric login, I've got recovery emails setup too so I will disable SMS.

What about device prompt login, that kind of makes everything else pointless doesn't it?

It does and it doesn't. I was recently helping someone who had their account compromised and it was kind of a cat and mouse game to get control of it again. In the process what I realized, is it's very easy to accidentally click allow login when that prompt appears for someone else to log in. I much prefer the much more deliberate authenticator code.