Joke’s on them. Google locked me out of my account when I refused to give them my phone number.

What’s most concerning is how this “restoration” process can be done multiple times if the victim never becomes aware that they’ve been compromised. Even worse is how even after a Google Account password reset, this exploit can be used one more time by the bad actor to get access to your account.

Does this mean if you change your password twice you’re fine? Or is the second sentence just worded awkwardly?

Laughing (respectfully) in GrapheneOS