> I’d rather granny needs to visit the bank to get access to her account again

Visiting the bank is fine. But who do you visit to recover your Gmail password?

For the record, if you're in the EU you can make a GDPR request to their Data Protection Officer - since it's your data what's being kept away from you, you have the right to at least a backup.

It can take months and it only guarantees a backup, not full access, but it's better than nothing.

▲

kbolino 9 days ago | parent | next [-]

Even if they provide you with a dump of their database records on you, you will not be able to recover your password from the salted iterated hash, PBKDF2, bcrypt, Argon2, or whatever else irreversible function they used to store it.

▲

aembleton 9 days ago | parent | prev [-]

How would you prove to their data protection officer that you are the owner of that Gmail account?

	▲	probably_wrong 9 days ago \| parent [-]
		In theory: they can ask for ID, sworn affidavit, or whatever other means their local laws determine to be valid. At the end of the day, proving that someone owns something is not a new problem. I've also seen "here's some evidence that I know what the contents of the account are, my legal name matches the account and my legal address matches some emails there". In practice: in my case, anecdotally, they just did it. For some reason owning the backup email account was not enough for the automated workflow to unlock my account, but sending a letter threatening to sue under the GDPR somehow changed their minds.