A large fraction of the stories I’ve been able to find are people who set up 2FA without a spare and then lost it (https://hn.algolia.com/?q=google+account+locked+out, linked in the post). I think this is a serious risk, but it’s also pretty easy to avoid (by always having at least two, ideally three, registered security keys)
A large fraction of the stories I’ve been able to find are people who set up 2FA without a spare and then lost it (https://hn.algolia.com/?q=google+account+locked+out, linked in the post). I think this is a serious risk, but it’s also pretty easy to avoid (by always having at least two, ideally three, registered security keys)