Adding a phone # to my G Account for “recovery” = people hacking my phone?
However, I don't believe my phone is secure. I've read too many stories (@N on Twitter, etc.) about phone companies getting social engineered.
So I removed the recovery phone number (and e-mail address) from my Google Account.
I'm not going to forget my password, and if I drop my 2fa device in a lake, I still have the backup codes.
So I'm not worried about me goofing up and losing access to my account.
But I am VERY worried about a hacker resetting the password to my account.
Is Google's account recovery procedure LESS secure if I don't have a phone added to the account? Is Google willing to grant a password reset request with LESS info if I don't add the phone?
What I really want is a way to lockdown my account that says "No password resets, ever, no matter what."