[redsky17]

I could be mistaken, but it was my understanding that those backup codes are one-time-use only, and that using one basically burns it forever. My cookies get cleared every single time I close my browser, so I would have to continually log back in and keep burning more codes. If I'm wrong about this... that would be excellent.

[jasonjayr]

You can keep a sheet of about 5-10 of them, and generate more when needed.

It's inconvenient, but if your in an environment that disallows phones or other portable electronics (like 2FA Fobs/USB sticks), it may be the only reasonable way.

[Wowfunhappy]

GP would need to remember to generate codes in advance and write them down and bring them to work, on a regular basis. And keep track of which codes were used. Can't speak for others, but this would be way too much effort for me to even entertain.

This is why I really dislike forced two factor authentication. It might make sense in a lot of circumstances, but not for everyone.

---

Edit: Although, if we're talking about Google Play Music, I'm a bit confused, since you can turn two factor off for Google accounts. If you feel you need two factor on your main Google account but not Google Play Music (seems reasonable!), make a separate account for Google Play Music.

[redsky17]

That's not a great scenario for me, either. I'm currently paying $7.99/mo for GPM because I've been a subscriber since the beta. If I switch to another google account just for GPM, I will end up paying $2/mo more.

[redsky17]

I wonder if there's a way to programmatically re-generate the one-time-use codes. It might be a fun project to set something up that emails a one-time-use code to my work email and then regenerates one.

[tomschlick]

What kind of industry do you work in that allows unfettered access to the internet but doesn't allow you to have a phone? Seems backwards...

[redsky17]

There's a massive amount of websites that are blocked, so it's not really what I would call 'unfettered.' The reason that phones aren't allowed is related to the fact that they have cameras / microphones. They don't want someone's infected phone spilling company secrets.