Doug Van Dorn
Original Poster
Oct 7, 2020

Google Services forces password change and then only recognizes old password

I got an e-mail stating I needed to review my Google Account needed to have its security settings checked.  When I clicked the link in the e-mail, *Google's security system* went through a proper re-verification, sending me both an e-mail and a text link for re-verification.  I changed my password and then closed everything out, logged out of Google, logged back in, and suddenly the new password doesn't work.  The old password still works.

Also, while changing my password, I tried using several passwords that I am extremely sure I had not used before with Google, and they just came up with a red "Type a password" prompt on the change screen, as if I hadn't typed anything.  I changed it all around, and it still took something like 10 different tries with different variations on passwords I am capable of remembering, for it to accept a new password.  And then, as I say, it's as if I never changed it as far as logging into my Google Account is concerned.

If it weren't for the fact that I got what appears to be valid re-verification steps in there, I would suspect I was hacked.  But I did get valid Google system reverification steps, which all look correct.  

Are your security systems having issues?  Note this is NOT the "it is the customer's responsibility to set up security" issue that y'all always fall back on.  These are *extreme* and *troubling* glitches in y'all's security systems.

I am beginning to feel like I live in a country run by organized crime.  Since when did we become the Soviet Union?  Oh, 2016, that's right... sigh...

Doug Van Dorn
Details
Account Access & Recovery,Web,details_other
Locked
This question is locked and replying has been disabled.
Community content may not be verified or up-to-date. Learn more.
All Replies (6)
bkc56
Diamond Product Expert
Oct 7, 2020
The most likely explanation is that you have multiple accounts on the device, and you are accidentally changing the password on a different account than the one you are trying to access.  If you correctly update the password for a  given account, there is no way it would still be accepting the old password.
Doug Van Dorn
Original Poster
Oct 7, 2020
No, that's not it, because I only have the one account on this computer.  And other devices logged in using the same Google username and password, with apps like YouTube, still log in without changing their passwords. Appears to be a password harvester from the server side, i.e., at Google's servers.
bkc56
Diamond Product Expert
Oct 7, 2020
Appears to be a password harvester from the server side, i.e., at Google's servers.
 
Nope.  There's no such thing.
 
It could be interference from some password manager you use on that computer.  If you have another computer available, or can log in using a guest account, try doing the change there.
Doug Van Dorn
Original Poster
Oct 7, 2020
Here is another odd happening connected to Google.  On my Android phone, I was texting to a friend when a message in Spanish appeared, as if I sent it, on my friend's phone.  Translated, it was what seemed to be a commonplace text asking "what is the name of the hotel where Carmen I works?  When do I get off work?  I appreciate you answering me black."  The last word was negra, black in Spanish, looks like a text typo but back in Spanish is volver, no way someone in Spanish typed negra when they meant a form of volver.  Something extremely strange is happening, and as I say, it's at the server level.  All the symptoms scream it's at the server level.
Doug Van Dorn
Original Poster
Oct 7, 2020
Yet another oddity, I received a note from my ISP, Comcast, thanking me for my new order for services.  I never made any changes (worked for them, still get employee priced services) and calling Comcast confirmed this.  That makes three separate services that have glitched badly on me today, two directly connected to Google.  My anti-virus reports no issues, I see no indicators that my personal accounts have been hacked.  It appears more like bots designed to worm into systems at the server level ate compromising the Google password manager,, and then going on to find other related servers to attack.  And hey, Google told me today to change a stored password for Sprint, as their passwords have recently been compromised in a data breach.  Nothing from Sprint about that, in fact they deny it.  What is up at the server level???
bkc56
Diamond Product Expert
Oct 7, 2020
compromising the Google password manager
 
Even if someone could get access to the password database on Google servers (virtually impossible) the data is one-way encrypted so no one could get your password out of it.  In addition, if there was a breach like you theorize, there would be hundreds or thousands of threads about it, not just you.
 
You'd have to get Comcast to explain just what happened with that notification as that's clearly unrelated to Google.
false
15079195017741124228
true
Search Help Center
true
true
true
true
true
70975
Search
Clear search
Close search
Main menu
false