Google now requires new Gmail accounts to verify via an outbound SMS sent from your phone, blocking virtual number services like SMSpool.
Key Takeaways
Registration flow now uses a QR code that opens an SMS URI on your phone, requiring you to send a text to Google rather than receive one.
This breaks SMS verification pool services (SMSpool, Twilio-backed alternatives) used by privacy-focused users and automated account creation pipelines.
Buying pre-made Google accounts from secondary markets is the current workaround, but carries unknown history and account trust risks.
Google frames the change as anti-phishing/anti-abuse, since outbound SMS is harder to spoof than inbound OTP.
Hacker News Comment Review
Verification of the flow is inconsistent: one commenter completed registration with the standard OTP flow and no QR code, suggesting rollout may be regional or account-type-specific.
The SMS URI mechanism (sms:?number) does not auto-send; it prefills a message in your SMS app. Users on non-standard apps (e.g. Fossify) had to manually copy the number and body and send it themselves.
Commenters treating this as a forcing function to migrate away from Gmail cite existing lockout risks for businesses as a compounding reason, not just the new registration friction.
Notable Comments
@opengrass: Confirmed the SMS URI prefill behavior and noted it silently fails on some Android SMS clients, requiring manual extraction.
@arjie: Successfully registered a new Gmail account with the legacy OTP flow as recently as this thread, suggesting incomplete global rollout.
