Google already has the ability to generate one time use recovery codes, at least for gmail accounts -- not sure if it is generally integrated into their Authenticator app. You could generate some recovery codes and put them in a safe deposit box or something I guess.
This sort of solution (and your post office idea) can be, but they don't satisfy the last resort customer service role, for people who haven't set these kinds of recovery options up.
This IS the reply Shelley Rosen needs to see, understand and impart to her patrons. It does not cost anything, it is secure and it works.
I feel 2FA is a class libraries should be teaching. I am off to my local library to volunteer as a resource for that specific purpose. Anybody going to join me at their local library?
I was going to make the recovery code comment myself, but instead I did a search to see if anyone else had done so.
Kudos. If would vote this comment to the top of the discussion if I only could. IMO it should be (part of) a PSA.
This is all well and good if you've got a smartphone with Google's authenticator or have a safe deposit box. The people using a library for Internet access don't necessarily have access to either of those things. They also may have had access at some point in the past but no longer do.
This sort of solution (and your post office idea) can be, but they don't satisfy the last resort customer service role, for people who haven't set these kinds of recovery options up.