Tuesday, July 22, 2014

Beware Google's obsessive e-mail security mindset


I learned a lesson this morning, one that's going to take a while (certainly days, perhaps weeks) to sort out.

When I sat down at the computer this morning, our Internet service was out.  A message appeared on screen asking the account holder (our housemate) to contact the service provider about unspecified issues.  (It turned out that a re-issued credit card with a change of expiration date had screwed up the billing and payment cycle, and we'd been caught in the backwash.)  It's going to take a day or two to sort that out.

While waiting (because Internet access is essential for my writing and blogging) I picked up a T-Mobile 4G mobile hotspot from our local Wal-Mart.  It comes with a traffic allowance of 5GB of 4G data, valid for three months from date of installation, which made it by far the most cost-effective option.  Setup was quick and easy, and the only problem I had was rapidly resolved with a telephone call to T-Mobile's unexpectedly helpful and friendly support desk.  (What a contrast with AT&T and Verizon, who appear to staff their help desks with gormless goblins that can only be reached after interminable delays and infuriatingly unhelpful menu systems!)  I was soon back on the Internet and humming right along . . . until I tried to read my e-mail.

Google's Gmail apparently has a persecution complex.  It wouldn't allow me to access a single one of my multiple accounts (used to segregate different types of e-mail), because the IP address and ISP from which I was trying to reach them were new and unfamiliar.  Very fortunately the e-mail account I use to sign into Blogger, and the one I use for most business activities, had been set up to use two-step verification;  so after requesting that an authentication code be sent to my cellphone, I soon had them both up and running.  I hadn't done that for the others, so I find myself barred from access to them at present - including the one I use for readers wishing to contact me from this blog.  I've no idea how to go about resetting them.  Google's asking all sorts of 'security questions' that I have no idea how to answer.  It's ridiculous to ask me what year and month I opened an account when it was over a decade ago and I have no particular memory of it!  I didn't ask for all those additional layers of security, and I'm annoyed that Google implemented them without so much as a 'by your leave'.

I now find myself stuck in administrative limbo until such time as I can figure out who to contact at Google to 'unfreeze' those e-mail accounts.  (If anyone can offer suggestions as to the best and quickest way to do this, I'd love to hear from you in Comments;  but please don't e-mail me, because I probably won't receive it!)  When the dust has settled and everything's back online, I'll implement two-step verification on all my accounts;  but I shouldn't have to do so.  I resent Google making assumptions about my accounts when it has no idea what's going on.  Why should I have to go through such additional, intrusive steps when I didn't ask for that level of security?  If I hadn't implemented two-step verification on two key accounts, I'd be in serious difficulties right now.

Oh, well . . . at least I'm back online.  That helps!

Peter

9 comments:

  1. Maybe you could make the screwed up ones hush mail accounts and just change everything to point to them. That way you won't have all eggs in one basket, if gmail crashes some day then you will have at least others working.

    ReplyDelete
  2. I didn't have that problem when we got internet at the farm.
    Brand new (Hughes) satellite and a brand new laptop opened my g-mail just fine with the password.


    That was about three months ago.

    ReplyDelete
  3. The really silly thing is that THEY'RE the ones you need security from.

    ReplyDelete
  4. This comment has been removed by the author.

    ReplyDelete
  5. Welcome to the world of big brother. A place where they tell you what you want and make sure you do it their way!

    ReplyDelete
  6. What a pain. But, they need to do that kind of thing, because they've been subject to an extraordinary level of hacking activity for years. And, they've been penetrated multiple times. They're a huge, juicy, target.

    My recommendation is always to buy your own domain and set up your own e-mail on a reputable hosting service.

    Free e-mails come with a lack of security, ads, and a perceived lack of professionalism if used for any business purpose.

    Free e-mails come with an utter lack of privacy. They're scanning your mail for keywords to profile you. They sell that data to advertisers. Remember - if the service is free, you're the product.

    Free e-mail accounts are subject to a large number of attacks (often brute force) on their passwords. I moderate an online group (about 500 members) and average about 1 hacked e-mail sending spam to the group every month. Every single one has been a free-service e-mail. Private domains aren't subject to the same level of attacks because the bad guys make more money with less effort attacking the big services.

    Free e-mails are also spam magnets. Having a domain of your own means getting FAR less spam. You're almost not on the radar for the bad guys if you have an oddball e-mail address.

    The domain costs only a few dollars a year, and low level internet hosting is reasonable - I run a substantial business website for $6 a month - and I suspect that less expensive options are available.

    You get the same quality online mail-app access that you have with the free service.

    You have access to help via telephone as well as e-mail etc., and the two services I've used in the past few years have both been exemplary in that regard.

    Best of all, you have control of the security, the mailboxes, passwords etc. You don't have to live with a bureaucracy that doesn't give a darn about what you want - you're paying them (if only a little), and they have an interest in getting it right for you.

    And, like a free e-mail and unlike an e-mail through your ISP, you can take it with you if you move.

    Lastly, when you have a hosting service, that means you can host your own website - no limitations and no ads. It can help drive customers to your books and raise your online presence. It's much more flexible that a simple blog account at blogspot. Many hosting services offer simple templates and website setups, often at no charge.

    ReplyDelete
  7. Not that this is at all helpful, but I've never had a problem accessing gmail from any IP address, ISP, or device. And I have access to many, given work IP's, various devices such as my work iPhone, my Nook, my wife's Nook, etc. Even when I use various VPN's from work Gmail just keeps on connecting with no issues.

    Guess they don't like you. :)

    ReplyDelete
  8. I just had that happen yesterday with my Hotmail (?!)....and they verified through my G-mail account !

    ReplyDelete
  9. You can turn off 2-step verification with the instructions found here:

    https://support.google.com/accounts/answer/1064203?hl=en&ref_topic=2784804

    -Patrick

    ReplyDelete

ALL COMMENTS ARE MODERATED. THEY WILL APPEAR AFTER OWNER APPROVAL, WHICH MAY BE DELAYED.