[throwawayay02]

I really dislike this notion of many internet companies of their own self-importance. To me the obvious example is a website that requires you to set up a very strong password and link a phone number. A user account is a two way street, the website should give you the tools for good protection, and you should use them if it matters. If it doesn't matter to me let me use a weak password. If it doesn't matter to me let someone hack my account, what do I care. And if the user doesn't care why does the website owner? Why should hackernews care more about my user account than myself for example? It could be argued this position of security maximalism is due to cutting costs on customer support, for account recovery, but as I understand it Google doesn't have customer support already.

[Latty]

Frankly, this is just wrong. Maybe for some circumstances, but in Google's case, they provide email.

When it comes to things like email, your account being compromised doesn't just affect you. Google let people send out emails from those accounts, so if a compromised account is used for spam, it hurts them reputationally as they are actively facilitating harm.

You might not care if that account is compromised, but they should.

[brokencode]

1. Many uses are not computer experts and don’t realize they’re at risk. They won’t adopt extra security measures unless they need to.

2. No company wants to announce that a bunch of accounts were hacked. The excuse that “our users don’t care” would be widely criticized.

3. Well yes, of course companies want to reduce customer support costs, but guess who else benefits from not needing customer support? The customers. It’s better to avoid a problem in the first place than to have great mechanisms for resolving it.

[swiley]

The problem is that you have to have an account on google to participate in a number of communities. Because of this they have social scaling problems that might be fundamentally unsolvable and in their attempt to find a solution they've done things like this.

[bobbyi_settv]

Even if you don't care if someone hacks your Google account, the rest of care when we start getting deluged with spam from that Gmail address.