by edgecasestdio 1353 days ago
I verify that this is true at the time of posting. In previous volunteer work at a non-profit run by university students, the organization assigned a free Gmail account to each executive. Each year, we ran into a problem where the executives would change, and we needed to transfer the Gmail account to the new person.

Problems would happen when the new person tried to log in to the account. Since the login was from an unrecognized device and an unrecognized IP address, security was tightened. Even after inputting the correct password and entering the right backup email, it was mandatory to enter an SMS message from the phone number tied to the account, even after various troubleshooting and attempted workarounds. That meant getting ahold of the previous executive, who may be busy or have changed their number.

You could argue that Gmails weren't meant to be used this way, which is fair; the goal of this comment is just to provide additional evidence that the description provided by the parent comment is true. (In the end, we went for a low-cost, reliable email service to fix the issue in the long term. We also found that registered non-profits are eligible for free Google Workspace or Microsoft Outlook email plans subject to certain eligibility conditions, though we did not have a need to become an officially registered non-profit at the time.)

1 comments

FWIW, if you're the administrator of the organization, you can disable 2FA from the admin console for that user's next login. I've done this a few times for similar reasons.

Thanks for the tip, though this just works for a paid Google Workspace email plan (or a free Google Workspace for Nonprofits plan) [1]. We couldn't do this because we were using free personal Gmail accounts at the time (by transferring the credentials from retired executives to new executives) as we lacked budget and formal non-profit registration (to be eligible for the Nonprofits plan) since the group was fairly small and undergraduate student-run.

The difficulties were to be expected as personal Gmails weren't meant to be used like this (the goal was just to share an anecdote about the difficulties of phone numbers used for two-factor authentication with the free service even once a year). The long-term solution we used was to pay for a reliable but low-cost (in comparison to Outlook and Google) email host initially recommended on HN and a few sysadmin forums, to gain access to organization-wide admin features.

[1] https://support.google.com/a/answer/2537800?hl=en#zippy=%2Cc...