If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Rate Thread | Display Modes |
#16
|
|||
|
|||
Security message from Google
On 27/11/2018 17:18, 😉 Good Guy 😉 wrote:
On 27/11/2018 11:22, Bill Ward wrote: My wife does not have a computer at the moment Get her a Linux junk.Â* For eMail, Facebook, Twitter and web browsing this is all she needs.Â* Go to any Linux newsgroup and ask them if they are looking for someone to takeaway their clunker.Â* They might even pay you to take it away!!! -- With over 950 million devices now running Windows 10, customer satisfaction is higher than any previous version of windows. Windows is enough of a problem for her without trying to teach her new tricks:-) Bill. |
Ads |
#17
|
|||
|
|||
Security message from Google
On 27/11/2018 17:45, Neil wrote:
On 11/27/2018 6:22 AM, Bill Ward wrote: My wife does not have a computer at the moment and I have added her E-Mail address to my Outlook folder. Why has this message came up for her ? "Someone just used your password to try to sign in to your account from a non-Google app. Google blocked them, but you should check what happened. Review your account activity to make sure no one else has access." Bill. This is a standard response that I get from GMail whenever the account is accessed from a device presumably not included in its links. It even does it when I access my GMail account from my laptop! Google notion of "security" is one of the worst jokes running these days. Noted ! Bill. |
#18
|
|||
|
|||
Security message from Google
On 27/11/2018 18:04, Ralph Fox wrote:
On Tue, 27 Nov 2018 11:22:14 +0000, Bill Ward wrote: My wife does not have a computer at the moment and I have added her E-Mail address to my Outlook folder. Why has this message came up for her ? "Someone just used your password to try to sign in to your account from a non-Google app. Google blocked them, but you should check what happened. Review your account activity to make sure no one else has access." Google recognizes that the access was from a different computer. Google does not know whether the different computer was authorised by your wife or not. Hence the warning. As I say it is the first time for the message after have her E-Mail being on my PC for quite some time. Bill. |
#19
|
|||
|
|||
Security message from Google
On 27/11/2018 20:32, Bill Ward wrote:
Windows is enough of a problem for her without trying to teach her new tricks:-) Bill. So you've married a pumpkin? This says something about you as well. Were you desperate? -- With over 950 million devices now running Windows 10, customer satisfaction is higher than any previous version of windows. |
#20
|
|||
|
|||
Security message from Google
Let Donald Trump eat your wife's feces,
then see if the message returns. |
#21
|
|||
|
|||
Security message from Google
On Tue, 27 Nov 2018 12:36:16 -0600, Mark Lloyd wrote:
On 11/27/18 11:56 AM, Ralph Fox wrote: [snip] It is not IMAP that Google regards as insecure; it is any authentication method other than OAuth2. * FYI: Screen-shot of OAuth2 setting in TB: http://i.imgur.com/dPUg7N3.png What else do you have to do to get that working? Not much at all. Just #2 below. 1) When you change the Gmail account to OAuth2 in Thunderbird, Thunderbird will pop up a window which asks for your Google account username and password. 2) You enter your Google account username and password in this pop-up window. 3) Thunderbird will then go off to Google and get an OAuth2 code to use for logging in to Gmail. The OAuth2 code is automatically saved for future use, with your saved passwords at "Tools Options Security Saved Passwords". Just be aware Gmail only supports OAuth2 with IMAP and SMTP, not with POP. -- Kind regards Ralph |
#22
|
|||
|
|||
Security message from Google
On Tue, 27 Nov 2018 20:36:13 +0000, Bill Ward wrote:
it is the first time for the message after have her E-Mail being on my PC for quite some time. You may now be connecting from either (a) a different IP address range, or (b) a different ISP, or (c) a different geographic location. Gmail doesn't know whether that is still you or a hacker trying to get into your wife's Google account. As I say For the record I did not see a "for quite some time" in your original post; but I did see an "at the moment". |
#23
|
|||
|
|||
Security message from Google
"Ralph Fox" wrote
| It is not IMAP that Google regards as insecure; it is any authentication | method other than OAuth2. | It sounds to me like it's about letting adware access your personal info, not about security as such.: "OAuth.....to grant websites or applications access to their information on other websites but without giving them the passwords.[1] This mechanism is used by companies such as Amazon,[2] Google, Facebook, Microsoft and Twitter to permit the users to share information about their accounts with third party applications or websites. ..... OAuth 2.0 provides specific authorization flows for web applications, desktop applications, mobile phones, and smart devices." In other words, "All your data are belong to us, but we don't want Russian hackers to get it." The idea seems to be aimed primarily at adware/datamining apps on phones that need to get your permission to access/share your data, then need to do that transparently in the future. I don't see any aspect of increased security. Only convenience. TBird goes to Google and gets a code. How does it get the code? By sending your password. This seems to be a public version of former attempts at universal ID, like Microsoft's Passport, having become more relevant as interactive, adware services on phones need to deal with numerous permissions for varied personal data. If Google wants it for email it's likely that they want to confirm and track your activities more easily across devices. Email is a very simple conversation with the server: "Hi, it's me. Here's my password. Got anything for me?" "As a matter of fact we do. Here you go." That's it. There are no extra, optional APIs or "widgets" involved that might call for "an open standard for API access delegation". |
#24
|
|||
|
|||
Security message from Google
On 11/27/18 2:02 PM, Neil wrote:
On 11/27/2018 1:08 PM, Ralph Fox wrote: [snip] I use Firefox, not Thunderbird to access GMail. Firefox does IMAP? |
#25
|
|||
|
|||
Security message from Google
Ralph Fox wrote:
On Tue, 27 Nov 2018 20:36:13 +0000, Bill Ward wrote: it is the first time for the message after have her E-Mail being on my PC for quite some time. You may now be connecting from either (a) a different IP address range, or (b) a different ISP, or (c) a different geographic location. Gmail doesn't know whether that is still you or a hacker trying to get into your wife's Google account. [(Of course) Not dumping on you (Ralf) or anybody else for that matter:] Yeah, this 'security' is quite handy when you use your laptop for doing exotic things, like on a mobile connection, a Wi-Fi hotspot, etc.. NOT! If anyone can stomach all the dirt on this, have a look at the thread "Google screwed up my Gmail acct in Thunderbird" of early September in newsgroup alt.windows7.general. The bottom lines from that thread a - If you use IMAP, configure TB for OAuth2 authentication. See the responses in *this* thread for details. - If you use POP, you can configure an 'app password' in Google. See Ralph's posting on the subject *that* thread. (FWIW, I rather live with the annoyances than with the app password 'cure'.) |
#26
|
|||
|
|||
Security message from Google
On 11/28/18 2:12 PM, Frank Slootweg wrote:
[snip] - If you use IMAP, configure TB for OAuth2 authentication. See the responses in *this* thread for details. I tried it and found that OAuth2 requires Javascript, something I disable (in Thunderbird) for security reasons. [snip] -- 27 days until the winter celebration (Tue Dec 25, 2018 12:00:00 AM for 1 day). Mark Lloyd http://notstupid.us/ A "pay per" might be a coin-operated cat simulator. |
#27
|
|||
|
|||
Security message from Google
On 11/28/2018 3:07 PM, notX wrote:
On 11/27/18 2:02 PM, Neil wrote: On 11/27/2018 1:08 PM, Ralph Fox wrote: [snip] I use Firefox, not Thunderbird to access GMail. Firefox does IMAP? Whatever. I don't use it to access any other email accounts. It accesses Gmail and I don't have to jump through any hoops beyond logging into its horrendous user interface. -- best regards, Neil |
#28
|
|||
|
|||
Security message from Google
On 28/11/2018 20:07, notX wrote:
On 11/27/18 2:02 PM, Neil wrote: On 11/27/2018 1:08 PM, Ralph Fox wrote: [snip] I use Firefox, not Thunderbird to access GMail. Firefox does IMAP? Firefox does very good Web UI to access GMAIL. Why would anybody use TB to access eMails when Web Interface is all you need to get the message. Always keep your messages online for safety and easy access. Google looks after your Email free of charge or if you have gSuite (like I do by virtue of free give-away due to being a good customer!!) then make use of the service you are paying for. I have 5 domains hosted on Google all free of charge because I have been with them since they started this. Now there isn't a free service unless you pay about £50 per year per user. Microsoft it is the same - NO FREE service for custom domain. -- With over 950 million devices now running Windows 10, customer satisfaction is higher than any previous version of windows. |
#29
|
|||
|
|||
Security message from Google
On Wed, 28 Nov 2018 14:17:02 -0600, Mark Lloyd wrote:
On 11/28/18 2:12 PM, Frank Slootweg wrote: [snip] - If you use IMAP, configure TB for OAuth2 authentication. See the responses in *this* thread for details. I tried it and found that OAuth2 requires Javascript, something I disable (in Thunderbird) for security reasons. If it needs JavaScript, it is only for the initial creation of an OAuth2 code when you first switch to OAuth2. That uses an embedded web browser window in Thunderbird. Turn JavaScript on for that and turn it off again immediately afterwards. The ongoing OAuth2 authentication each time you get email does not use the web. It uses SASL over IMAP or SMTP. BTW JavaScript is always off for emails in Thunderbird. It would only be on for an embedded web browser window. -- Kind regards Ralph |
#30
|
|||
|
|||
Security message from Google
On 11/29/18 12:02 PM, Ralph Fox wrote:
[snip] BTW JavaScript is always off for emails in Thunderbird. It would only be on for an embedded web browser window. IIRC, I don't need JS disabled in the browser window. I'll try turning it back on. -- 24 days until the winter celebration (Tue Dec 25, 2018 12:00:00 AM for 1 day). Mark Lloyd http://notstupid.us/ "The government ought to stay out of the prayer business." -- Jimmy Carter |
Thread Tools | |
Display Modes | Rate This Thread |
|
|