Hey, just to chime in. I'm a MSFTie, so no relevence to G, but have worked on products with similar limitations, and was usually the one arguing _against_ the CC friction at login.
What has become abundantly clear however is that CC gating is a fast way to reduce your malicious traffic _exponentially_; and especially if you're enterprise focused, this doesn't even impact your core strata much.
As a non-corporate-techie in my off-work-time, I absolutely understand the frustration at this inflexibility. During my day job where I'd have to clean up the fires that result from a fully open door policy however? I'd have a somewhat different take.
It's not 100% clear cut "the CC is all just to add spurious friction", is all I mean to say :)
