[redsky17]

So the reason for that has more to do with my corporate firewall than anything. I do pay for subscription services that I enjoy more than Spotify (currently, Google Play Music and Tidal). However, I cannot have a phone at work, so I can't log into GPM (2FA requires the phone), and Tidal is blocked for other reasons. So that basically just leaves Spotify. I don't want to pay for a third subscription service that I only use for a few hours per day tops.

[vageli]

I was with you until > I don't want to pay for something I only use for a few hours per day tops.

A few hours a day adds up pretty quickly. Though I can understand not wanting _two_ music streaming service subscriptions.

[redsky17]

That's the thing.. I'm already paying for two music streaming services that I use far more often than Spotify. And my wording isn't clear, but I don't listen to it 'a few hours per day every day.' It's more like 'a few hours when I do listen to music at work, which I don't usually do.' I'd guess that it's less than 10 hours per month that I'm listening to Spotify.

[misiti3780]

why dont you just ditch the other two subscriptions and use spotify exclusively ?

[redsky17]

The simple answer is that I don't like Spotify as much as I like GPM and Tidal. Tidal is my go-to for high-quality music when I'm listening at home on my nice speakers. I've found that Tidal has the best radio experience, at least for the type of music I listen to (Spotify and GPM have a bad habit of playing the same exact songs / artists when I do a radio for a particular artist/album/song, Tidal varies it more).

Google play music is simply extremely convenient considering how nicely it works with Google Assistant. Additionally, I have tens of thousands of my own music collection uploaded to GPM that I'm free to download whenever I want without restriction. Spotify lets you play music offline, but it's basically cached and still tied to your premium Spotify subscription.

[dgudkov]

>a few hours per day tops

That looks like a rather active use.

[redsky17]

I should have phrased it differently, but there's a strong emphasis on the word 'tops' there. I'd say that most of the time at work, I don't listen to music at all, and when I do listen to music, it's never for more than two hours per day.

[h4waii]

Google's 2FA doesn't require a phone. Use a USB token, use a secondary email, or use a single recovery code and leave the account logged in in a separate browser used only for GPM.

[redsky17]

Only one of those is sort of an option for me. USB tokens = disallowed. Accessing personal email at work = disallowed. Using a single recovery code is a possibility, but I would have to rotate through them constantly (see other comments in this thread).

[glitcher]

> a few hours per day tops

Multiplied by how many days per year? Seems significant to me.

[corint]

Does Google 2FA still have the option to telephone the code through to a phone? If you have a direct-dial number to your desk phone would that not work? Or any service that lets you read your text messages remotely; Pushbullet or anything offering the same functionality?

[redsky17]

I had no idea that was an option in the first place. I'll have to look into this more.

All of the services that I know of that let you read texts remotely are also blocked at work. Basically anything that falls under the category of messaging or email.

[tomschlick]

> so I can't log into GPM (2FA requires the phone)

Use one of your backup codes?

[redsky17]

I could be mistaken, but it was my understanding that those backup codes are one-time-use only, and that using one basically burns it forever. My cookies get cleared every single time I close my browser, so I would have to continually log back in and keep burning more codes. If I'm wrong about this... that would be excellent.

[jasonjayr]

You can keep a sheet of about 5-10 of them, and generate more when needed.

It's inconvenient, but if your in an environment that disallows phones or other portable electronics (like 2FA Fobs/USB sticks), it may be the only reasonable way.

[Wowfunhappy]

GP would need to remember to generate codes in advance and write them down and bring them to work, on a regular basis. And keep track of which codes were used. Can't speak for others, but this would be way too much effort for me to even entertain.

This is why I really dislike forced two factor authentication. It might make sense in a lot of circumstances, but not for everyone.

---

Edit: Although, if we're talking about Google Play Music, I'm a bit confused, since you can turn two factor off for Google accounts. If you feel you need two factor on your main Google account but not Google Play Music (seems reasonable!), make a separate account for Google Play Music.

[redsky17]

That's not a great scenario for me, either. I'm currently paying $7.99/mo for GPM because I've been a subscriber since the beta. If I switch to another google account just for GPM, I will end up paying $2/mo more.

[redsky17]

I wonder if there's a way to programmatically re-generate the one-time-use codes. It might be a fun project to set something up that emails a one-time-use code to my work email and then regenerates one.

[tomschlick]

What kind of industry do you work in that allows unfettered access to the internet but doesn't allow you to have a phone? Seems backwards...

[redsky17]

There's a massive amount of websites that are blocked, so it's not really what I would call 'unfettered.' The reason that phones aren't allowed is related to the fact that they have cameras / microphones. They don't want someone's infected phone spilling company secrets.

[j0hnml]

I really like google’s music offering, but I the only reason I don’t subscribe is because I listen to music on my work box, and I refuse to sign into Google on it with my personal account