I do agree that adding some kind of backup option is probably a good idea. For many people, losing their email account would mean being locked out of basically all their online accounts (or, in case the account gets compromised, it would mean that all other online accounts would now be compromised too). The majority of people do not use password managers or 2FA, and I’ve made the experience that many people simply cannot be convinced to make online security a priority.
While I’m also a FOSS and online privacy advocate and use tons of self hosted services for that reason, having some way to regain access to their Google account is almost certainly worth the extra data point that Google gets access to. Especially since the likelihood of them already knowing about your phone number is basically 100% if you are logged in on an Android device.
I do agree that adding some kind of backup option is probably a good idea. For many people, losing their email account would mean being locked out of basically all their online accounts (or, in case the account gets compromised, it would mean that all other online accounts would now be compromised too). The majority of people do not use password managers or 2FA, and I’ve made the experience that many people simply cannot be convinced to make online security a priority. While I’m also a FOSS and online privacy advocate and use tons of self hosted services for that reason, having some way to regain access to their Google account is almost certainly worth the extra data point that Google gets access to. Especially since the likelihood of them already knowing about your phone number is basically 100% if you are logged in on an Android device.