[ttybird]

I hate this. If I know the password I should be able to log in to my account no matter what (unless if I have 2fa enabled). Sadly companies like Google and MS do not like this idea, they also often use the excuse that they can't verify you in order to mine your phone number.

"Edit: Account recovered. I used chromium to login (which I never do) and then back to Firefox"

How can google keep getting away with this? MS got into trouble with IE with much less.

[junon]

Google denying me access to YouTube videos asking me to verify my age by giving them either my passport or my credit card should be illegal as well.

Then they expanded it to the app store - some apps, even ones that don't seem to need to be age restricted - now require I verify my age in the same way. I just give them the middle finger and manually install the APKs for those apps.

Unfortunately, no way to get around the YouTube restriction though.

Google having a complete monopoly on this stuff has got to end at some point. They have way too much power over what are now pretty mainstream services to the internet, especially since they cannot be completed with by most companies, even those with adequate funding and reach.

[kevincox]

> Google denying me access to YouTube videos asking me to verify my age by giving them either my passport or my credit card should be illegal as well.

Wasn't this added because of some EU law? It seems that YouTube's interpretation was that asking this is the opposite of illegal, actually legally required.

[ycuser2]

The irony is that I have to verify my age on YouTube, but I heard that people don't need this on any porn site for example.

[mc_woods]

UK prawn laws? - proposed and then dropped?

[C4K3]

You can get around the youtube restrictions using yt-dlp (fork of youtube-dl) There are video players such as mpv that integrate with youtube-dl/yt-dlp so you can watch videos without saving them.

[junon]

Including the age restriction? I don't see how that's possible. I know some typical bypass methods work for some of the other checks but they've never worked for the age requirements.

I'll give it a try though, thanks. There are some High Boi videos I still haven't seen :|

[sharklazer]

Keyhole, Jigsaw. Deep ties to defense.

[ajross]

The request for a phone number is precisely a 2FA mechanism, and that's how it's being used. I don't understand what the bad faith you're assuming on Google's part is. What do they want that phone number for otherwise?

[danaris]

If they're asking for a phone number after they've already decided you're not trusted enough with just your password, that is not 2FA.

If you're not trusted, then any phone number you give shouldn't be trusted, either.

If you're trusted enough to be let in when you give a phone number, then you should be trusted enough to be let in without it, and then asked for a phone number, if one is really needed for 2FA.

[Adverblessly]

Indeed this is not a second factor.

I assume this restriction is against automation. As a complete guess on the heuristics: If the phone number you gave them is a "virtual" one, you are out. If it was used too frequently for recovery, you are out. If they are already familiar with it as belonging to someone else who is unlikely to also own the current account, you are out.

With those heuristics you need to provide a "fresh" phone number that likely belongs to a real person and costs real money to purchase and you are unlikely to want to "burn" for just 5 out of 5,000,000 of your automated attempts.