I have a Galaxy Tab device, but have already signed out from it and reset the tab to factory.
However, in my Google account, there is still a device of "Galaxy Tab", added 200+ days ago, in the "Security > Google prompts" section, although I have already revoked all the devices in the "Security > Your devices" section.
I have changed my Google account password, and the operation was successful. However, the response message says that the "Galaxy Tab" will still be logged in.
Google Account allows keep previous logins after changing password, as a convenience to users using a shorter password to register a new Android device, e.g., Galaxy Tab, as the registration setting up requires typing password on the touch screen. Then the user can change back to a strong password by the Password Manager, and the device keeps the login.
I just realized that this feature can be useful to hackers. If you leaked password some time before, and the hacker has setup a Google Prompt device, then you can never get rid of him, not even by changing password.
I highly suspect the "Galaxy Tab" is not my Galaxy Tab, instead, it is an unauthorized device still having access to my Google account, e.g., the emails.
I need help to revoke the access of this suspicious "Galaxy Tab", and remove it from the "Security > Google prompts" section.
However, the hacker may still have access to my email, so he may see my email conversation with Google Technical Support. Before I see Google’s reply, he can delete the email and take preemptive actions.
What can I do to revoke access on this suspicious device?
I appreciate your patience and help.