>It could be very difficult to login to an account like Gmail from overseas in the event of PC+phone[+hardware key] theft

Literally happened to me in Poland, which is why I avoid passkeys like the plague.

(The thief got caught months later. That didn't help me.)

>Maybe no big deal if you can port your number to a new phone right away.

T-Mobile won't mail a SIM card overseas, and I doubt others will either. There is no "maybe", it's a certainty that you won't be able to.

>Or maybe the trusted friend can help

Yeah, my wife literally mailed me SIM card to Poland.

It took over week.

And a "trusted friend" would first have had to get it somehow.

>Or maybe the trusted friend can help (unless Google still finds the login suspicious after all, no idea there)

At least I logged into my accounts from that city before the laptop and phone were stolen, so my logins were not "suspicious".

That's with a password.

_____

PS: screw Citibank's mandatory phone -based "2FA".