[_jal]

Dirty little secret: when software vendors speak, they will frequently blur the purpose of a given security measure and who, exactly, it protects.

This measure helps protect Google. And much like a politician stretching the definition of the national interest to include themselves, Google might say that they're protecting you by protecting themselves.

[kmeisthax]

If Google can use this to rate limit sign-ins more effectively, then it does protect users, since the limiting factor on password security is time to crack.

[Wowfunhappy]

I want the ability to change these types of settings for my account. They can be buried in an advanced menu somewhere.

I have a password manager. My Google password is a long, unique string of random characters that I don't use on any other service. If someone does break into my Google account, it will be because they broke into my password manager and/or successfully phished me (or hit me on the head with a $5 wrench). Number of retries will have nothing to do with it, unless they have a computer from the future.

I am much more concerned about Google locking me out of my account some day in an attempt to stop someone from breaking in, then I am about someone else actually breaking in.

[kcartlidge]

Upvoted for the subtle xkcd reference :)