> if an account hasn’t been used for an extended period of time, it is more likely to be compromised. This is because forgotten or unattended accounts often rely on old or re-used passwords that may have been compromised, haven't had two factor authentication set up, and receive fewer security checks by the user. Our internal analysis shows abandoned accounts are at least 10x less likely than active accounts to have 2-step-verification set up.
Ah yes, because as we all know, the best way to prevent a robbery is to preemptively burn down the whole building. Good luck stealing from me once all my belongings have been turned to ash!
---
To be a bit more charitable, it may true that in some cases, getting hacked is worse than just having your account deleted. I'd posit this is the case for a small minority of users, especially when the overall chance of being hacked is still far from 100%.
By the way, what about accounts that do have two-factor authentication enabled? Are those exempted?
If Google wants to delete inactive accounts, that's their prerogative, but don't hide behind some security argument.
Ah yes, because as we all know, the best way to prevent a robbery is to preemptively burn down the whole building. Good luck stealing from me once all my belongings have been turned to ash!
---
To be a bit more charitable, it may true that in some cases, getting hacked is worse than just having your account deleted. I'd posit this is the case for a small minority of users, especially when the overall chance of being hacked is still far from 100%.
By the way, what about accounts that do have two-factor authentication enabled? Are those exempted?
If Google wants to delete inactive accounts, that's their prerogative, but don't hide behind some security argument.