Hackers discover way to access Google accounts without a password::‘Exploit enables continuous access to Google services, even after a user’s password is reset,’ researcher warns

    • MrScottyTay
      link
      fedilink
      English
      1211 months ago

      It still requires someone to be able to log in to get a token that can be stolen though.

    • @Akuchimoya@startrek.website
      link
      fedilink
      English
      1011 months ago

      Running Google Ads requires uploading your drivers license or passport. I’m a volunteer at a teeny non-profit. Why should I have to surrender that level of personal information for a business/non-profit account where I’m not even employed (no one is, it’s all volunteers)? I didn’t, and the account was suspended.

      • @brbposting@sh.itjust.works
        link
        fedilink
        English
        311 months ago

        I wish advertisers had to put their DNA on file. Not really but the amount of fraud is unbelievable. See a few Joe Rogan, Elon Musk deepfakes shilling supplements and “esavers” and you wonder what more should be done. Even with great verification advertiser accounts still get highjacked!

        Not sure what your best option would’ve been. It’s a pickle.

    • Buck
      link
      fedilink
      English
      311 months ago

      I was able to bypass that by logging into YouTube without a phone number, and then going to Google accounts. Not sure if that still works.