Long story short about how I naively and foolishly set up 2FA using that account’s GVoice number for verifications and also knew nothing about needing to save GAuthenticator tokens externally, and later on, that device went permanently MIA:

With correct passwords and confirmation of the 2FA phone number (but no access to that 2FA phone), without any lockout imposed, and even though the 2FA account recovery security AI is devastatingly limited in its verification options, I verify the correct contact number and it forwards the SMS over, but I can’t access the text until I use the back email — I can and therefore should be able to verify with other legitimate means one-on-one with live homeland (Palo Alto) personnel who understand the injustice of it and are willing to manually assist in the recovery process, even if perhaps off the radar.

The third-party overseas Google One paid subscription-based tech “support” personnel I’ve thoroughly exhausted are entirely unequipped to correct anything, they’re totally incompetent, apathetic, and dismissive very slyly, barely within the parameters of their employee tech “support” scripted responses (pretty much the same shady behavior as most cellular company’s overseas tech “support”).
They aren’t real tech support, nor even Google employees, and have no backend access like Google’s unavailable homeland security team does. They even lie about scheduling a follow-up with a supervisor because there is no hierarchy of managerial phone support personnel.
The important details are that they work for a third-party subcontractor that imposes a different employee policy in a country far from Palo Alto, California.
The whole organization is a skeleton in a closet.There’s just nothing there for customer support.
Paid subscriptions to One are worse than worthless because those Filipinos can’t afford to be moral in that role in that country.

I know this is possible because articles have been published, specifically by Ron Miller at Tech Crunch (see link below) stating privileged connection for members of the media who use their publicity to leverage justice — which has been evident for him in the form of relayed access to informal backend tech support personnel — through someone who knows someone at Google.

https://techcrunch.com/2017/12/22/that-time-i-got-locked-out-of-my-google-account-for-a-month/

“On December 5th, I sent a note to a PR contact who I work with on Google-related news and I told him about my problem. He said he had gotten my case escalated and I should hear within 24 hours.”

“The Reset command never came.”

“On December 18th I contacted the poor beleaguered PR contact yet again and he wrote back. They wanted me to go through the process again except using my TechCrunch email instead of my other alternative. I pushed back that I already had an open case, but he suggested I do it and see it what happens.”

“Reunited and it feels so good I started the process entered my Techcrunch email and was simply asked to enter a new password and I was back in. After all that, that was all it took. I was ecstatic to have my digital life back, but I’m still shocked at a) how easy it was to lose access and b) how little recourse there was to get it back.”

So this is possible, and given the multitudes of dissatisfied Google employees and ex-Google employees, especially in this dawn of the degoogled Fediverse, I envision real possibilities.

TL/DR
So I’m here to request connection with anyone and everyone who can connect me to some real backend support before my account becomes scrubbed from the server.

=============

Verification I can provide:
• Access to the GVoice number with its voicemail password. With that, it should be made possible to confirm an audio verification code sent as a voice message instead of the default SMS I cannot access — if an audio verification message could be generated by Google support personnel. Good idea really. • Password histories
• Temporary security Codes which the recovery process was supposed to prompt but did not
• Email addresses of incoming and outgoing emails
° Screenshots of Drive filesystem and filenames
• Screenshot of IP address of connected Chromebook
• Chromebook browser bookmarks

==============

Recordings and Documentation onhand:

• Emails and chats with Drive personnel

• Emails and chats with Google One’s Philippines subcontractor which includes attachments proving the Chromebook that was connected to the account is still in my possession connected to an alternative Google account, and those emails include screenshots of the IP address of the Chromebook with the Google Play Services Security Codes, which collectively prove my ownership of the limbo account. They ignored it.
The emails also include attachments of my photo ID. Bad idea, but I’d probably be fortunate if they abused that or jeopardized it anyway.

• Phone conversations with dozens of fully incompetent subcontracted, third-party Google One personnel based exclusively in the Philippines The recorded calls exhibit their discriminatory call center tactics and complete lack of any corrective resources are all whatsoever (not an embellishment).

=================

I want to know exactly who will present real password reset options because this is extremely important. I can’t contact twenty years of contacts anymore or ever again until Google just grants a password reset to me.

  • Clerkle@lemmy.worldOP
    link
    fedilink
    arrow-up
    1
    arrow-down
    7
    ·
    edit-2
    1 year ago

    TL/DR: I’ve thoroughly looked into those ideas to no avail. I don’t think you’re following the details either.

    ==========

    Google’s recovery process is the only way.

    It’s not. “the only way”. You needed to read that yourself. Tech Crunch was offered a privileged loophole hookup.

    Google’s protocols don’t meet the needs of the function Google creates, especially resulting from hiring waves more recently than the earlier days of integrity. And it’s dysfunctional, including when followed properly. You didn’t read the link I provided. You’re wasting my time making me have to appease you just to qualify the necessity of efficient problem solvers. I reciprocated with answers to every single question you asked along with rants to counterbalance your negligence of the substantial testimony I linked.

    Clearly, hookups are occasionally put through to unconventional password resets. I don’t need nay-sayers. This necessitates perceptive vision and fierce optimism. I need those who fathom the possibilities and know what it takes to get through this in the way the Tech Crunch guy was hooked up. Expect this to be a major brain exercise, even for an accounts security senior personnel.

    Also, it sounds like you have access to a Chromebook that is signed into your account?

    It’s easier to just say this corporate backend tech is easternized western manufacturer’s planned obsolescence; or that it’s a demonically hateful hippo handicapping consumers out of sport. And it is, hence popular opinion against economics-oriented consumer-focused capitalistic corporations. Financial greed is catastrophically far from altruistic wisdom. It’s got a shithead ex-president thinking he can powermonger a federal judicial system out of the record-level pit of criminal hell into which he dug himself. Anyways . . .

    I only pulled that Chromebook out of storage in hopes to use it as a 2FA verification device while attempting access from my replacement phone. That wasn’t possible, though, somewhat evidently also somewhat not impossible.
    The Chromebook’s Google account in the Chrome browser app was logged in from being logged in a year prior to the 2FA phone going MIA. There were account web tabs still open, and I knew it, so I gave those a look, until they auto-refreshed into logouts.

    Logging into the Chromebook online at its lockscreen login would demand 2FA verification with the MIA device.
    After the account became inaccessible online, I could only log into the ChromeOS laptop login profile disconnected from wifi at the laptop lockscreen login. The old password worked with the Chromebook offline, but wouldn’t log in online with those old credentials.

    Once in the laptop profile using the OS, the Chromebook was usable only for its OS environment using the previous login credentials offline, including deep enough into account settings to find the Play Services Security Codes — until the OS insisted on an update to the updated version (and subsequently updated 2FA credentials).
    Even within the accessible OS environment, the account connectivity was not abundant enough to refresh any long-standing open browser tabs. I could only grab OS-availed account info offline.
    The Drive app stored the filesystem locally, so the app shows the folders offline.

    Or verify through email?

    Access to the verification email addresses is contingent upon access to the main email address.

    Or through a trusted device?

    That’s the GVoice number of that inaccessible account. From my experience of 2FA while I had it unwisely set up that way, using my GVoice number of that account worked perfectly well to utilize the free GVoice line for SMS verification to keep my personal cell number perfectly private from Google.

    ===============

    Rants

    Google didn’t lead on about the complexity of 2FA. They just expected naive users to agree to the pop-up prompts to activate 2FA in as few uninformed seductive steps as possible. They wanted naively trusting users to fall through the cracks, handicapped without access. They never even clued users into the responsibilities. That info is only minimally in the help pages that people search out after it’s too late.

    And Google contracted with third-party overseas Filipino call centers to lie to users through false advertisement that those foreign cultures could possibly grasp all this detail I’m describing enough to entitle that third-party company to claiming a title of tech support? They refuse to provide ambitious support through to resolve. They DO NOT go above and beyond ever. They’re more like vulture landlords dishing out negligence and discriminative displacement behind the back of the naively-trusting property owner.
    That’s the realm of the creek this put me up, to say the least.

    This needs arbitration in the form of continual class action. But that’s not news to anyone here.

    • trashgirlfriend@lemmy.world
      link
      fedilink
      arrow-up
      8
      ·
      1 year ago

      I have worked for google customer service in the past, and the chances of anyone being able to do anything “off record” especially with account access is fucking nill.

      Brother you are delusional.

      • Clerkle@lemmy.worldOP
        link
        fedilink
        arrow-up
        1
        arrow-down
        9
        ·
        edit-2
        1 year ago

        Did you read the entire Tech Crunch story at that link I provided? Clearly, you didn’t. That story proves you dead wrong.
        I challenge you to prove your claim in light of the facts provided in that Tech Crunch story. You won’t be able to do so because his story clearly states he fulfilled every prompt correctly, yet, Google’s lousy recovery AI proved dysfunctional and even entirely dismissive.

        You say you worked entry level customer service for Google.
        In what region of the globe was your customer service role positioned?
        Was it scripted to follow only the catastrophically limited help pages verbatim? You know those are a total joke, right?
        Regardless, did you ever formally contest your training material and company mentorship when the materials they provided left you unable to successfully recover rightful access to user’s accounts for those users who desperately needed you to do absolutely everything humanly possible to see it through to successful recovery?
        Or did you only think about the paycheck and therefore only complacent compliance which subsequently left those displaced users permanently handicapped without any access to their personal intellectual property?
        Do you even care enough to be heroic however possible when company policy demands complacency?

        Why are you even attempting to suggest something so pathetic as to give up? How dare you.

        In fact, thank you for helping me realize I should be reaching out into a community and space populated by ex-employees of Google who were senior level personnel when they decided to leave Google for higher ethics elsewhere.

    • cbarrick@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      ·
      edit-2
      1 year ago

      Have you tried just getting a new phone with the same number as your previous 2FA device?

      • Clerkle@lemmy.worldOP
        link
        fedilink
        arrow-up
        1
        arrow-down
        7
        ·
        edit-2
        1 year ago

        You didn’t read the details or you’re misunderstanding something. The only phone number relevant in this issue is the GVoice number. GVoice doesn’t function according to the terms you just suggested.

        • cbarrick@lemmy.world
          link
          fedilink
          English
          arrow-up
          4
          ·
          1 year ago

          I understand how Google Voice works. I was using it from the moment that Google acquired Grand Central.

          What I understand about your problem:

          • You have a Voice number A
          • You had a mobile number B
          • You setup Voice to forward from A to B
          • You enrolled 2FA using number A
          • You lost access to mobile number B, so you cannot receive 2FA codes via Google Voice SMS forwarding.

          If I am misunderstanding your situation, that is because you haven’t explained it clearly.

          I am suggesting that you just get a new mobile phone with number B. Your Google Voice routing rules will continue to work.

          • Clerkle@lemmy.worldOP
            link
            fedilink
            arrow-up
            1
            arrow-down
            5
            ·
            edit-2
            1 year ago

            Actually, we just think in different structures. That theory is not reality. The GVoice number sends to the device logged into that Google account, not the phone number. The 2FA requires verification by the GVoice number, not the private cellular line.

            If I am misunderstanding your situation, that is because you haven’t explained it clearly.

            I encourage you to attempt that statement all over India throughout the multitudes of language variances there. Perhaps you’d take it back. Clearly is a universally controversial definition throughout the world of ambitious communicators. Who are you to judge my intricacies based on your foreign outlooks. I’m not you. I speak my language, not yours. Your comprehension is your achievement, not my achievement. I explained it clearly enough for those with accurate solution to recognize this as viable application of their ability to provide solution. The people with the experience and competence to mastermind solutions clearly recognize the indicators of the experiences they have already identified in concept form and masterminded through to solution. If you don’t understand my experience, then you wouldn’t have the solution, even if I brought you into enlightenment by further insight.

            I need conversations with Google security personnel or investigative members of the media.
            Anyone lower in chain of command operates mindlessly and apathetically according to orders. I swear the only people that think autonomously work at the top of a company or its departments, or else fiercely independently.

            • cbarrick@lemmy.world
              link
              fedilink
              English
              arrow-up
              3
              ·
              edit-2
              1 year ago

              The GVoice number sends to the device logged into that Google account, not the phone number. The 2FA requires verification by the GVoice number, not the private cellular line.

              So you are using Voice without a real phone number to back it up?

              You are supposed to have a backing phone number linked to your Voice number. This is an anti-fraud measure to prevent bad actors from gaining virtual numbers. Google Voice is not at all designed for that use case.

              https://support.google.com/voice/thread/1390905/can-i-use-the-mobile-google-voice-app-without-a-linked-cell-phone-number?hl=en

              Presumably you used a real phone number to do the initial setup, then removed the routing rule and intended to use the phone number purely through the web UI and/or app.

              So you created a chicken-and-egg situation for yourself. You need to be logged in to access the 2FA code to login.

              Unfortunately, you will not be able to resolve this outside of official channels. (Note that the PR department used by tech reporters counts as an official channel, just not one that you have access to.)

              • Clerkle@lemmy.worldOP
                link
                fedilink
                arrow-up
                1
                arrow-down
                1
                ·
                edit-2
                1 year ago

                So you are using Voice without a real phone number to back it up?

                Google Voice is not at all designed for that use case.

                If it’s not possible to create a GVoice account other than by it’s design, then obviously it’s in good standing according to its design — and not in any way which is “not at all designed”. It’s a perfectly functional account created however it’s designed to allow.

                Presumably you used a real phone number to do the initial setup, then removed the routing rule and intended to use the phone number purely through the web UI and/or app.

                I can’t see those settings right now without access to that account, and the terms you’re using are not visible in the app, not by those those terms anyway. I fine tune by experiment, so if it’s possible, then maybe, but GVoice is not a highly customizable app, certainly not to any extreme extents.

                then removed the routing rule

                First, I’m genuinely curious to understand if this is entirely relevant as a potential factor in the experience of the 2FA issue.
                And could you please rephrase this according to the terms in the section of the app settings that would allow this?