How about giving the user a big warning to not do that and then block the account if the user continues. This total blocks are crazy. Especially for people who use their Google account for 20+ years or something.
Google's bundling of so many services into one account is becoming a gargantuan liability for them & their users.
This "zero tolerance" policy is just absurdly mega-goliath out of touch with the world. The sort of soulless brain dead corporatism that absolutely does not think for even a single millisecond about its decisions, that doesn't care about anything other than reducing customer support or complexity, no matter what the cost.
Kicking people off their accounts for this is Google being willing to cause enormous untoward damage. With basically not even the faintest willingness to try to correct. Gobsmacking vicious indifference, ok with suffering.
Time and time again it is shown to *not* use your main account for everything. This goes for Apple and having a separate account for development work, for the App Store and your main iCloud account but this also goes for all other SaaS providers.
You are doing groundbreaking new and untested stuff with Claw? Do not use your main account. You want to access your main account's data? Sure, allow it via OAUTH/whatever possible way.
Have separate accounts, people. You don't want one product groups decision in those large SaaS corps to impact everything else.
> Time and time again it is shown to not use your main account for everything.
Good luck opening new google accounts for separation of concern. The new account is banned before the eula page finishes loading.
Google sends code via text msg to my main account phone number to unban, without me ever even filling a phone number.
After a day the account was banned again and pending automatic deletion. The appeal then took an artificial 5 days wait. I had to plead to what I presume is an AI. I had just paid $100 so it's not like I didn't show I was serious.
I am fairly certain that if they ban one account they will also ban the other anyways.
I have multiple Google Accounts and I am running them at the same time without problems. If you really want to separate things use different browser profiles per account. My work Google account never touches my private Google account in terms of browser profiles.
I never had issues with work accounts created via google workplace.
Google forbids you to have multiple identities. It's stated clear in their term of service. Any account you create must be linked to the same identity.
This means that it is trivial for them to ban all your accounts at once.
This also means that the 2factor is difficult to separate. Somebody with an unlocked access to my phone can hijack all my Google accounts by starting a password recovery.
Even though I made sure to never share my phone number to the new account, and I never loggued with it on my phone, and used a different browser session on desktop, it still forcefully sends a notification to my phone when I login because my login is suspicious it says. There is still no phone registered on the new account.
During reinstation of the banned accout I also got a scary msg essentially saying that if they denied my appeal, they might also ban my main account. Chilling.
It seems like a temp ban here would be totally reasonable, like, "we disabled your account for a day here's why, don't do it again". Permanent though, eek!
Nothing new. 10 years ago my (now 20+ year) google account was compromised for a whole 5 minutes. It was used by shady bots, and instantly banned. No warnings, no nothing. Trying to figure out what had happened was a challenge in itself.
Getting through to customer support was impossible.
5 years later I tried to get my account opened up, filled out some forms, and by some miracle it was.
My biggest takeaway from this (other than enabling 2FA) was that it is probably easier to get ahold of the scammers that control your account, than to get ahold of actual human customer support at google / alphabet.
Google will happily screw over users with 2FA as well. A few years ago I was out of state for the funeral of someone very close to me. I lost my phone and then needed to get into my email urgently. I didn't have my computer or any other devices with me and no way to get to them. Fortunately I had actually planned ahead for something like this and added my partners phone number as a 2FA method. So I tried to login with that and Google refused!
Google said that because I had more secure 2FA methods configured it wouldn't allow my to use one of the methods that I had very intentionally configured for exactly this scenario. My opinion of the company was already pretty low but I was still shocked that they would simply discard my security settings without any warning or override option. They made one of the worst trips of my life even more miserable. Google hates their own users so much.
This "zero tolerance" policy is just absurdly mega-goliath out of touch with the world. The sort of soulless brain dead corporatism that absolutely does not think for even a single millisecond about its decisions, that doesn't care about anything other than reducing customer support or complexity, no matter what the cost.
Kicking people off their accounts for this is Google being willing to cause enormous untoward damage. With basically not even the faintest willingness to try to correct. Gobsmacking vicious indifference, ok with suffering.