My Google Workspace account suspension

Original Article ↗ Hacker News Discussion ↗

Overall sentiment on Google Workspace and support

  • Many describe Google support as unresponsive, opaque, and highly inconsistent across products.
  • Workspace support is seen by some SMEs as “good enough” when you can reach a human by phone; others report being trapped in automated loops with no resolution.
  • Several anecdotes: years‑long AdSense bans, undelivered promos (Gemini, Google One, Pixel offers), unresolved billing issues, and arbitrary enforcement.
  • Contrast is drawn with Microsoft 365/Azure, which is also messy internally but is perceived to prioritize paid support more consistently.

Security, 2FA, and lockout dynamics

  • Commenters agree the OP’s changes (removing phone, traveling, provider change) look like classic account‑takeover signals to automated systems.
  • Strong criticism that Google’s UX conflates 2FA phone and recovery phone, making it easy to unintentionally remove a critical recovery path.
  • Multiple reports that SMS is effectively “load‑bearing” even when passkeys, TOTP, backup codes, or security keys are configured; some users are locked out because of lost/changed phone numbers.
  • Some see Google’s security posture as overly rigid and misaligned with real‑world travel and phone number churn.

Risk management, backups, and operational practices

  • Recurrent theme: cloud account bans are a non‑zero risk; you must design for “what if I’m suddenly locked out?”
  • Advice includes:
    • Own your domain and be prepared to switch MX to another provider.
    • Separate super‑admin and daily‑use accounts; ideally have 2–3 admins.
    • Maintain external backups (e.g., regular Takeout, third‑party Workspace backup tools).
    • Avoid using a single Big Tech identity for SSO everywhere.

Alternatives and de‑Googling

  • Suggested alternatives: Microsoft 365, Fastmail, Proton, Zoho, other hosted email; some advocate self‑hosting (with caveats about spam deliverability and admin burden).
  • Others explore self‑hosted IAM (Keycloak, Kanidm) or “de‑Googling” via homelabs and personal clouds.

Regulation, utilities, and legal angles

  • Strong support for treating large identity/email providers more like regulated utilities, especially given the potential to destroy businesses or personal lives.
  • EU Digital Services Act and digital identity schemes are mentioned as partial steps; opinions vary on whether EU regulation is effective or overbearing.
  • Small‑claims or mass arbitration are floated as theoretical remedies, but are seen as burdensome or impractical at consumer scale.

SSO and “Login with X” concerns

  • Many warn against relying on Google/Apple/Facebook login, especially when it’s the sole option (with Tailscale frequently cited).
  • Some acknowledge SSO boosts sign‑ups but argue it deepens vendor lock‑in and cross‑site tracking.