There are no other options. This is even more stupid than the phone number verification thing. Attemping to logging to Google Play Store on that wiped device (which previously was logged in to the account) doesn’t work either.
Luckily, this is a throwaway account, not much data of value was lost. FRP on the wiped device was also off.
But like, what is the point of this. Suppose, my phone got stolen. How am I supposed to log in to Google to initiate a remote wipe, if it ask for a verification code which is on the phone that the thief has?
Zero logic at all. 🤦♂️
Edit: And MFA was never enabled. Just to clarify.
The most annoying part is you may get this for a previous phone even if you have registered a new phone. If you really want to avoid Google’s forced MFA the best way is to actually enable MFA and generate some airplane codes. Those can generally be used regardless of what Google asks at the time and you can store them offline or even memorize a couple. Probably not as secure but at least you won’t get locked out.
This is a good reminder. I recommend everyone grab their takeout data every now and then, but also, print out the 6 codes and put them in a safe deposit box, safe, bury them in a ziplock bag inside of a coffee can in your yard, etc. Hopefully it will be a waste of your time, but if you need them, they’ll be there.
They’re just called “backup codes” now. But yeah.
Also, Google will outright not allow you to log in even with all authentication methods if it doesn’t like your IP or browser.
Airplane codes? Was that an autocorrect for API?
No. When you enable 2FA Google gives you about 10 backup codes that will always work regardless of if you have access to your authenticator app.
Apparently they’re called backup codes now. I could swear they used to be called airplane codes (because they’re offline ig). It’s just some randomly generated 8-digit codes.
You can’t enable MFA without a phone number or a mobile device.