by LeifCarrotson 1236 days ago
A critical question is what threat models you're worried about:

Are you worried about an individual interested specifically in you, Jeff B, to get something worth many thousands of dollars that they know you have? Don't put a human in the loop, they're going to track you across Facebook/LinkedIn/local government resources, they're going to know more about your car registrations and when you bought your home than you know about yourself, and they're going to be able to very convincingly social engineer a human in the loop if one exists.

Or are you worried about a group of hackers continuously crawling the web for a database dump from some service you and ten thousand other people signed up for, or some flaw in the authentication sequence, to automatically sign everyone in the database and all their contacts up to a spam network for pennies per person? Their scheme falls apart if they have to call a human, because it's just not worth the time to look up your public records and talk to a human about you.

Second, what happens after you get hacked? Are you more concerned that you no longer have access to something very important to you? For example, if you've distributed business cards or have contacts stretching back decades with jeffb@gmail.com, losing that account might mean an old friend or business contact fails to find you again. Having a human in the loop for the last-resort password reset can prevent completely losing access.

Or are you more worried about someone getting access to the data behind your login? You've presumably got backups, so you'd rather no one ever had access again than some malicious third party got the password to your crypto wallet, SSH keys to your website, or other private data.

Those have very different ideal responses. Unfortunately, most people tie both categories together in their single Google account, or in an Amazon account tied to both shopping and AWS resources.