gmail not allowing login with valid password
 

how often does one have to login, to avoid gmail not allowing one to login?

not sure how getting phone/email verifies anything if password compromised.

You can click the link at the bottom of your inbox and log out all other sessions.

I think it does it only if you log in from a machine/phone/tablet that has not logged in to your google account before or at least not frequently. I think the idea is that they may have stolen your gmail password but you still have your phone with you. And your other email should have different password than your gmail.

gmail does not allow me access to multiple accounts. it is not a new computer, and while it has been some time since my login to those accounts, it has not been THAT long. i am concerned about gmail not allowing me into any of my (currently working, so far) gmail accounts.

the point of my second comment in OP is if thief has password they give thief's phone/email.
my password is accepted, because it asks for these things. it does not say invalid/locked/etc.
i think i recall creation date for one account, but unclear whether that even makes a difference.

You navigate to gmail.com, enter your email address, and it prompts for Password.

1. If you enter a password, what happens?
2. If instead you click Forgot Password, what information is requested?

Do you have 2 factor authentication enabled for your google/gmail account(s)?

That actually alleviates a lot of the pain/issues you are talking about right now, IMO. And google's implementation of it is pretty good, it uses a well-known public algorithm, with apps available for ios and android and some third parties include it as well (e.g., 1password.) In addition you can authenticate with a usb key, also using a public well-known algorithm, so keys are cheap. You can select the method you use at each login, switching between app/sw algo and usb key at will.

https://support.google.com/accounts/.../6103523?hl=en

https://www.google.com/landing/2step/

Though google might still block a login attempt from a new location, it's easy enough to review and fix, especially when using 2fa. And the 2fa thing alleviates the problem you mentioned about your mail account being compromised as well.

Hint: *securely* save the image/seed if you want to replicate the keys on different devices/software.

-David

You can also use an app, like Authy, that lets you share the key between devices.

thanks, downloading Authy now. It's similar to keeping the key and the seed securely in 1password for me.

-David

Yes, everyone should have 2 factor setup for Google accounts. It's a big risk not to do that. The OP simply may have lost his Google account to a hacker. You can try going through the recovery process, but it did not work at all for me when I tried to help out a family member who lost their account. I even escalated to some Google employees I know. No dice. The account was effectively gone.

Regarding a login attempt from a new location though, that never happens and I'm always in new locations. But login from a new device and you will have to deal with the 2 factor the first time.

I've had it blocked from a new location or new device, not always, but it does happen.

-David

Yeah, maybe the AI running Google is accustomed to me connecting from a new hotel in a new country every other day or so. :)

haha .. it might just be "new device". I'm not 100% positive.

I do remember getting blocked recently. I just had to login using my browser on a laptop and acknowledge that it was me logging in.

-David

i did not lose my account. it has been too long since i logged in, and i guess deleted cookies/etc.

my password is valid and accepted. they want to force 2 factor etc.

again, if password was compromised, then hacker sets up 2 factor. which defeats it.

not sure whether they just accept an email for 2 factor, or how they 'verify' identity...

one thing they ask for is frequent flyer number, which i never gave in first place.

not new device, must be some kind of cookie problem or something.

my only real question is what timeframe google uses for when they stopping allowing logins.

Obscure, but publicly available, information can be used to authenticate a person.

It still isn't clear to me if you have full access to the account, nor why you think the questions are related to the amount of time an account has been dormant.

airlines give frequent flyer numbers to google?

my password was accepted. otherwise it would have said so, right? it accepts password then says i cannot login without something else.

at one point gmail has claimed old device is new device. so that is some kind of cookie or other issue, there is no new device.

accounts i login to more recently are fine. only accounts without more recent login are like this.