Avoiding SSO to keep access even if you loose access to bigCo email has been working well, but unfortunately more & more websites are moving away from password to instead verification code in the email.
Sure there are advantages to it, but if the email is bigCo, it effectively has the same drawbacks as SSO from same bigCo (i.e unfair account suspension, you're screwed)
With email+password, even if you lost access to let's say your Gmail, you can still login with that Gmail address and your password and go change the email in your account profile.
Yeah. I've moved most of my critical stuff off my GMail address onto a Google Workspace account, just sucks that not everything works with a Google Workspace account. I am just hoping that actually paying them money makes it a little less likely my account will get suspended.
I also don't use the account for anything that could get a suspension. No public user content, not used for SSO, and I don't have anything programmatically accessing my account. I know there's still a non-zero chance of getting nuked, but my risk as near zero as it gets.
Sure there are advantages to it, but if the email is bigCo, it effectively has the same drawbacks as SSO from same bigCo (i.e unfair account suspension, you're screwed)
With email+password, even if you lost access to let's say your Gmail, you can still login with that Gmail address and your password and go change the email in your account profile.