Google account registration now requires the user to send an outbound SMS to Google via QR code, blocking virtual SMS services like SMSpool.
Key Takeaways
The new flow uses an SMS URI QR code: scanning opens a pre-filled text message that the user must send from their real phone to Google.
Outbound SMS verification breaks virtual number services (SMSpool and similar), which previously received an inbound verification code.
Privacy-focused users creating pseudonymous accounts have no clean alternative; buying second-hand accounts carries its own trust and security risks.
The change is framed as an anti-abuse measure, but the original poster notes it is not impossible to circumvent, only harder.
Hacker News Comment Review
Flow reports are inconsistent: at least one commenter registered a fresh Gmail account in May 2026 with the standard inbound-SMS flow and no QR code, suggesting the new flow may be A/B tested or region-specific.
The technical claim that “scanning a QR code automatically sends an SMS” was questioned; the QR code is an SMS URI that opens a compose screen, requiring manual send, not an automatic trigger.
Commenters debated Google’s culpability vs. structural lock-in, with one noting Google voluntarily created dependency by out-competing paid providers on storage, making the “roped into infrastructure” framing self-serving.
Notable Comments
@arjie: Registered a fresh account in 2026 with the old inbound-SMS flow intact, no QR code seen, suggesting inconsistent rollout.
@8cvor6j844qw_d6: Google Workspace signup friction already pushing small businesses to alternative workspace solutions before any lockout occurs.
