It's supposed to be easy to get a library card! The threat of an out-of-towner getting a local library card is nothing like a stranger getting access to your inbox.
So we have come full circle: starting from a call for help from a librarian seeing lots of people unable to access their accounts because of 2FA, we have proposed various methods of avoiding that, and then concluded that it's better if 100 people are locked out of their own accounts rather than letting one unauthorized person access an account that isn't theirs? I guess that's Google's position as well, because if they let someone unauthorized log in they might be liable, whereas if they lock 100 people out they can say it's their fault...
No, I'm saying those situations aren't comparable. We should not conclude librarians will be poor stewards of MFA reset powers just because they are lax in giving out library cards.
