Google account security setup
Hey,
I’ve been tightening up my digital security lately and just went through my Google account’s sign-in settings. Here’s where I’m at :
• 2-Step Verification (on)
• Passkey set up
• Strong password
• “Skip password when possible” enabled
• Authenticator app (OTP through 1Password)
• 10 backup codes generated and stored safely in 1Password
Not yet set up:
- Recovery phone number
- Recovery email (currently unverified)
- Recovery contacts
- Google Prompt
- 2-Step Verification via phone
- Enhanced Safe Browsing (not enabled in Chrome)
Where I’m hesitant:
I’ve read a lot about SIM swapping being a real risk with SMS-based recovery/2FA, so I’ve been avoiding adding a recovery phone number, thinking it might introduce a weak point rather than close one. Same logic made me skip “2-Step Verification phone” as an option.
I’m also unsure about Enhanced Safe Browsing — I get that it improves malware/phishing detection, but I assume it means sending more browsing data to Google in exchange. Not sure if that tradeoff is worth it for someone who isn’t super exposed (I don’t work in a sensitive field, just a regular user trying to be careful).
My actual questions:
Is skipping the recovery phone a smart move given the SIM swap risk, or am I overthinking it since it’d only be used as a last resort (not an active 2FA method) ?
Is an unverified recovery email actually a real risk, or low priority since I already have passkey + OTP + backup codes as my main methods ?
Anyone actually use Google Prompt day to day ? Worth turning on ?
Enhanced Safe Browsing worth the privacy tradeoff, or is regular Safe Browsing good enough for a normal user ?
Is there anything in this list that you’d consider mandatory rather than optional, given what I already have active ?
Trying to get my setup as close to “solid but not paranoid” as possible. Would appreciate hearing what others have actually configured and why.