[probably_wrong]

Except that now Google has my phone number linked to my identity too. I know this is not everyone's use case, but for those of us that care deeply about privacy, that's not a good alternative.

If that's not a good counterpoint, my phone/SMS service sucks when I'm traveling abroad, which is exactly when Google thinks I'm not me.

I wish Google supported TOTP like Github does, without asking for a phone number.

[tetrep]

> I wish Google supported TOTP like Github does... Goid nees, they do! They even have an app for it.

https://en.m.wikipedia.org/wiki/Google_Authenticator

[probably_wrong]

Yes, they do, but there's no way to set it up without giving your phone number first. Whenever I enter into the 2FV options, I have to give a phone number, no alternative. I have no idea why. Sorry I wasn't clear enough.

[nadams]

And a PAM module!

[hbz]

Are you sure that's still the case?

This[1] would seem to indicate you can use a U2F device[2] as an alternative to providing a cell phone for verification.

[1] https://www.google.com/landing/2step/#tab=how-it-works

[2] http://googleonlinesecurity.blogspot.com/2014/10/strengtheni...

[probably_wrong]

My guess is that you can eventually enable that, but not at first. When I click on the "get started" button, I get "Step 1: Set up your phone", with no alternative button in sight.

[JupiterMoon]

Does gmail support using a second email as the second factor? Hotmail does...

[mondoshawan]

The entire account system does.