But then it shows two buttons, the first says “Already on” and the second (which is highlighted blue) says “Count me in”
I’m not sure how to interpret these (and therefore which to click).
If it’s already on then surely it won’t present me with the option to click it? So what does the alternative count me in do?
And there’s no close / x button either. Annoying.
The pop-up you’re talking about disgusts me. Not just because it’s terrible but because it colors a good thing.
If you can’t say “no” you didn’t choose. Action taken without choice is forced.
Forcing your user to do what you want is a display of disgust.
Not the way to delight your user. That’s not a way to partner with a user to increase security.
Note to google product people. STOP DOING THAT.
Note to other product people. Don’t ever do that.
1) An experiment to test the level of familiarity that non-technical users have with two factor authentication. That is, does a person who incidentally enabled SMS 2FA understand that having to enter an SMS code every time they log in is a pattern called "two factor authentication" as opposed to just some weird part of Google's login workflow.
2) An artifact of a user's security preferences living in a protected space that can't be accessed by Gmail's frontend. Gmail's dev team got an order to encourage users to enable 2FA and this is the best they could do.
3) A ploy to get people to review their 2FA settings -- or to be sold Titan Security Keys. Google's security team has sent me several emails over the past few months encouraging me to buy these, claiming that I'm at an increased risk of a targeted attack. I'm not fully bought in to their motives.
(All conjecture.)