I don't trust Google to fill this role of being arbiter of access to things.
After it took me a week to recover access to a GSuite account that I knew the password for (long, unique, stored in a password manager), that I could confirm access via the recovery email, and that had my phone number attached - but Google were insisting that I was a hacker, and Support-robots refused to help me or assign a human until I found the secret Konami Code that summoned a human.
That experience was exceedingly frustrating, and has killed the last ounce of trust I have for them to do anything for which I might rely on.
While they have neat technology, if you fall into one of the cracks, it's near impossible to get support.
I had to invest 50 € to buy back my old phone number for a week to get to my old Google account. I had password, backup email address, could answer the questions. But the google bots insisted on sending me a SMS to a number that didn't existed. There are many points where I lost trust in google, and this was one of them.
I really dislike 2FA when it is linked to a phone number. There were so many situations where 2FA made huge troubles to me, e.g. I traveled to Asia before Covid, lost my phone. No problem, it is just hardware, I got a cheap 100 Euro Xiaomi phone around the corner and a local SIM card. But I could not login to my Gmail account to get the booking confirmations + addresses of hotels + flight ticket confirmations. It was pain, pure pain.
Apple forces me to instal 2FA, but I just don't want. I cannot use a third party app or tool but must use my phone number. This is pure pain to me, because I want to use things like Apple Cash or AirPlay from the phone to the AppleTV.
Is there a better solution? I dont know. But 2FA, especially when linked to a phone number, is terrible - at least from my usability point of view.
Multiple yubikeys has been the best option I've found. You can scan the TOTP QR codes into more than one key when you set up 2fa. (Ones with proper key support are even easier to do).
The reason I prefer it is that I don't want to store 2fa credentials on the cloud and I don't want to lose all my codes if I brick my phone. SMS is a poor 2nd factor, so I'd prefer not to rely on it.
There are other issues, no situation is perfect, but I have found hardware keys to be much simpler in the long run.
I'm currently in a similar situation. Got an email domain snatched from me when it expired without me noticing, and now Google won't even go through the account recovery steps, just keeps sending emails to an address that no longer exists. I swear having a human contact would resolve this in absolutely no time, but that's just not how Google works.
This never ending stream of stories got me thinking that Google leads the world towards a technocratic dystopian society, where all of us live in the mercy of faceless, reasonless pieces of software.
Really can't re-emphasize this enough. Do not depend on any of these large monopolies, but most particularly not google, for anything that matters. They can and will evaporate you in a nanosecond for no reason ("ML says so") and there is no possibility of recourse or even dialogue with any human.
Own your own passwords (don't use "log in with XXX"), own your own domain for email (even if you don't host it, you have the option to do so later instead of being locked out).
You will then get an email to the nominated email address in the form telling you the case is opened. Don't get your hopes up just yet.
A while later you'll get an email telling you that you're not entitled to support because you're on the free plan, and to go through the self reset options (which you already did, presumably via https://accounts.google.com/signin/recovery)
If you reply and explain that you've done this, and you're still getting <the error message specific for you> - it may be assigned to a human. If it's not, try again, maybe with a new case. You will need to be patient - expect 24-48 hours between you sending them email and them responding.
For me, they wanted me to prove domain ownership (TXT records), as well as a whole bunch of information about the account and it's users.
Once I submitted the ownership information it took several more days, and then they send you a one-time reset link to reset the password (yes, even though I knew it).
I feel your pain. I lost my GMail account under very similar circumstances. That means that I also lost my Amazon and Reddit accounts because they send me "verify it's you" emails that I can no longer access.
It's been almost two months now. I managed to get through to a human but they misunderstood my problem, referred me to the wrong documentation, and then stopped replying altogether. I am now shopping for lawyers to sue them under the GDPR for something that any other company would have resolved in an hour or less.
Problems such as these (locked-out; no real support) are shared among all the big social logins providers (Facebook, Google, Twitter, ...). There was a related HN discussion[1] few months ago.
After it took me a week to recover access to a GSuite account that I knew the password for (long, unique, stored in a password manager), that I could confirm access via the recovery email, and that had my phone number attached - but Google were insisting that I was a hacker, and Support-robots refused to help me or assign a human until I found the secret Konami Code that summoned a human.
That experience was exceedingly frustrating, and has killed the last ounce of trust I have for them to do anything for which I might rely on.
While they have neat technology, if you fall into one of the cracks, it's near impossible to get support.