If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
|
Thread Tools | Rate Thread | Display Modes |
#1
|
|||
|
|||
Oauth2, GMail, and Thunderbird
In another thread, someone mentioned that enabling OAuth2 in
Thunderbird made Google happy (ie, fewer security warnings received). I use Thunderbird to access my GMail account via IMAP. I occassionally get a warning from GMail that my account is more vulnerable to attacks because I have a less secure access method enabled. I ignore those warnings because I thought that was necessary in order to receive mail via IMAP. But, the OAuth2 comment in the other thread made me question that. I checked my settings and found I am using OAuth2 in Thunderbird. However, I am still getting the warnings from Google that I am less secure than I need to be. They give me a single "Fix this" button but no technical explanation of what that will do. If I press that button, will IMAP still work? (Note that I also access my gmail account from an iOS phone so that needs to continue working, too. Finally, I use Thunderbird to access accounts on a number of different servers and accounts, so I have no desire to switch to GMail's web interface or their iOS app. I like having all my eamil come to one place - Thunderbird on my PC and Apple's Mail app on the phone.) Any advice is appreciated. Pat |
Ads |
#2
|
|||
|
|||
Oauth2, GMail, and Thunderbird
"Pat" wrote
| I use Thunderbird to access my GMail account via IMAP. I | occassionally get a warning from GMail that my account is more | vulnerable to attacks because I have a less secure access method | enabled. I don't use gmail, but are you aware of Google's obsession with 2 factor validation? They like to send a text message to your phone rather than just trusting your password! I found that out when my very elderly father couldn't get his email. He complained that Google wanted his phone number, but it that hadn't helped. (He'd entered his landline number, and I'm guessing Google didn't explain it clearly. As with the messages you're seeing, they don't seem to think their customers do or should care about the details.) I don't remember the solution but I seem to remember that it was possible to tell Google to simply shut up and get the mail. |
#3
|
|||
|
|||
Oauth2, GMail, and Thunderbird
Pat wrote:
I use Thunderbird to access my GMail account via IMAP. I occassionally get a warning from GMail that my account is more vulnerable to attacks because I have a less secure access method enabled. If you're sure all devices are using https/oath instead of imap/pop, then you can disable the "less secure" option https://support.google.com/a/answer/6260879 |
#4
|
|||
|
|||
Oauth2, GMail, and Thunderbird
On 11/29/2018 8:25 AM, Pat wrote:
Finally, I use Thunderbird to access accounts on a number of different servers and accounts, so I have no desire to switch to GMail's web interface or their iOS app. I use ATT Yahoo, and normally get my email from multiple accounts with Thunderbird. However I use the ATT Yahoo filters to eliminate most of the spam. I mention this as I use the web email interface and Thunderbird interchangeably with no problems. I assume the the Yahoo web email interface and the ATT Yahoo email interface are the same. However I am not sure if email going to the ATT email server, inbound.att.net, is handled the same as the one at Yahoo. -- 2018: The year we learn to play the great game of Euchre |
#5
|
|||
|
|||
Oauth2, GMail, and Thunderbird
On 11/29/18 5:25 AM, Pat wrote:
In another thread, someone mentioned that enabling OAuth2 in Thunderbird made Google happy (ie, fewer security warnings received). I use Thunderbird to access my GMail account via IMAP. I occassionally get a warning from GMail that my account is more vulnerable to attacks because I have a less secure access method enabled. I ignore those warnings because I thought that was necessary in order to receive mail via IMAP. But, the OAuth2 comment in the other thread made me question that. I checked my settings and found I am using OAuth2 in Thunderbird. However, I am still getting the warnings from Google that I am less secure than I need to be. They give me a single "Fix this" button but no technical explanation of what that will do. If I press that button, will IMAP still work? (Note that I also access my gmail account from an iOS phone so that needs to continue working, too. Finally, I use Thunderbird to access accounts on a number of different servers and accounts, so I have no desire to switch to GMail's web interface or their iOS app. I like having all my eamil come to one place - Thunderbird on my PC and Apple's Mail app on the phone.) Any advice is appreciated. Pat Hi Pat, I support Thunderbird. I see this all the time. I just ignore them. Some customers don't seem to get bothered by this and some do, so I can't put my finger on it. Yahoo eMail is a pain in the a*** over this too. Use OAuth2 or get harassed endlessly. Several of my customer eMail backup reports through gMail and need to turn on less secure apps as these backup programs usually do not support OAuth2. (You are lucky is they support SSL/TLS.) Also, Google makes a lot of money off of scanning your eMail and popping up adds. Thunderbird blocks all this, so I am suspicious that Google is messing with Thunderbird at times, but I can't prove it. To administer less secure apps: https://www.google.com/settings/security/lesssecureapps You will eventually need to unlocking captcha too: https://www.google.com/accounts/DisplayUnlockCaptcha -T |
#6
|
|||
|
|||
Oauth2, GMail, and Thunderbird
Mayayana wrote:
"Pat" wrote | I use Thunderbird to access my GMail account via IMAP. I | occassionally get a warning from GMail that my account is more | vulnerable to attacks because I have a less secure access method | enabled. I don't use gmail, but are you aware of Google's obsession with 2 factor validation? They like to send a text message to your phone rather than just trusting your password! Yeah, 2FA via SMS is ever so handy! For example when you're in another country, use a local SIM to avoid ridiculous roaming charges and Google locked you out from (POP/IMAP) Gmail, because you're on a different IP and that can't be right, can it!? So you want to log into your Google Account to undo Google's paranoia, but Google send its 2FA SMS to your 'home' SIM, which is not in your phone, so you don't get the SMS. Catch-22! Why are all my four other MSPs (Mail SPs) so stupid that they can't come up with such a brilliant If-it-ain't-broken-we'll-break-it scheme!? One of said MSPs is even my recovery email address for my Google Account, so Google's lock-up messages *do* still come through! What's the fun in *that*!? I found that out when my very elderly father couldn't get his email. He complained that Google wanted his phone number, but it that hadn't helped. (He'd entered his landline number, and I'm guessing Google didn't explain it clearly. As with the messages you're seeing, they don't seem to think their customers do or should care about the details.) Minor nit/addition: Using a landline number is fine (FSVSVO 'fine'). Google will do a voice call to that number. I don't remember the solution but I seem to remember that it was possible to tell Google to simply shut up and get the mail. |
#7
|
|||
|
|||
Oauth2, GMail, and Thunderbird
On Thu, 29 Nov 2018 08:25:30 -0500, Pat wrote:
In another thread, someone mentioned that enabling OAuth2 in Thunderbird made Google happy (ie, fewer security warnings received). Not exactly. 1. Google want you to turn off "allow less secure apps" in your Google account settings. That is how you get the fewer security warnings. 2. The OAuth2 setting allows you to keep using Thunderbird with Gmail when "allow less secure apps" is turned off. I use Thunderbird to access my GMail account via IMAP. I occassionally get a warning from GMail that my account is more vulnerable to attacks because I have a less secure access method enabled. I ignore those warnings because I thought that was necessary in order to receive mail via IMAP. But, the OAuth2 comment in the other thread made me question that. I checked my settings and found I am using OAuth2 in Thunderbird. However, I am still getting the warnings from Google that I am less secure than I need to be. This probably means that "allow less secure apps" is turned on. They give me a single "Fix this" button but no technical explanation of what that will do. My guess is that the button you are seeing is a button to turn off "allow less secure apps" in your Google account settings. If I press that button, will IMAP still work? So long as you are using OAuth2 with Gmail, and not "normal password". (Note that I also access my gmail account from an iOS phone so that needs to continue working, too. If the iOS Mail app uses OAuth2 then it will keep working. I haven't tried to find out. Finally, I use Thunderbird to access accounts on a number of different servers and accounts, so I have no desire to switch to GMail's web interface or their iOS app. The "allow less secure apps" setting will not affect your other mail accounts, not unless those other mail accounts are actually managed by Gmail. I mention this because a few ISPs have outsourced their email service to Gmail. I like having all my eamil come to one place - Thunderbird on my PC and Apple's Mail app on the phone.) Any advice is appreciated. Pat -- Kind regards Ralph |
#8
|
|||
|
|||
Oauth2, GMail, and Thunderbird
Pat wrote:
In another thread, someone mentioned that enabling OAuth2 in Thunderbird made Google happy (ie, fewer security warnings received). You didn't bother to identify the other thread by its Subject or Message-ID. You sure the other thread didn't note the server-side option to disable the OAUTH2 requirement (enable "less secure apps")? I use Thunderbird to access my GMail account via IMAP. I occassionally get a warning from GMail that my account is more vulnerable to attacks because I have a less secure access method enabled. I ignore those warnings because I thought that was necessary in order to receive mail via IMAP. But, the OAuth2 comment in the other thread made me question that. I checked my settings and found I am using OAuth2 in Thunderbird. However, I am still getting the warnings from Google that I am less secure than I need to be. They give me a single "Fix this" button but no technical explanation of what that will do. If I press that button, will IMAP still work? I suspect the problem is your account defined within Thunderbird doesn't have an OAUTH2 (how they track you by your client with its key). You may have to delete the Gmail account in Thunderbird and create a new one. At the time you create the new one, have it use OAUTH2. Then the Gmail server will give Thunderbird an OAUTH2 key. Note that I also access my gmail account from an iOS phone so that needs to continue working, too. Don't know if it is the same for the iOS app, but the Gmail app on Android doesn't use standard e-mail protocols. It isn't using IMAP. It is using commands in Google's Gmail API. That is Google's protocol. https://developers.google.com/gmail/api/ When using Google's Gmail app on your iOS device, have you EVER gotten a prompt there about that app being insecure? Finally, I use Thunderbird to access accounts on a number of different servers and accounts, so I have no desire to switch to GMail's web interface or their iOS app. I like having all my eamil come to one place - Thunderbird on my PC and Apple's Mail app on the phone. Each client on each host will need to get its own OAUTH2 key. IMAP synchronizes each client to whatever is on the server. In effect, the server is the backup to which all the IMAP clients will sync. That way, you could uninstall your IMAP client and install it again, install a new OS and then install an IMAP client, install an IMAP client on a different host, and each will see the same content when they all connect to the same IMAP account. The Android (and probably the iOS) GMail apps don't use IMAP or any standard e-mail protocol. They sync to the account using Google's Gmail API. Both IMAP and Gmail API sync to what is on the server, so all those clients will see the same content. If "Apple Mail app" means something other than Google's Gmail app, my guess is the Apple app uses standard e-mail protocols, like IMAP, to your Gmail account; however, any programmer can implement the Gmail API, so it's possible the Apple app uses that API when connecting to Gmail. This is a Windows 10 newsgroup. If you want to find out how the Apple Mail app connects to Gmail, ask in an Apple newsgroup. I happen to use an Android smartphone, so I know how Google's Gmail app works with their Gmail service (but there is a newsgroup for Android users, too). |
#9
|
|||
|
|||
Oauth2, GMail, and Thunderbird
On 29/11/2018 14.25, Pat wrote:
In another thread, someone mentioned that enabling OAuth2 in Thunderbird made Google happy (ie, fewer security warnings received). I use Thunderbird to access my GMail account via IMAP. I occassionally get a warning from GMail that my account is more vulnerable to attacks because I have a less secure access method enabled. I ignore those warnings because I thought that was necessary in order to receive mail via IMAP. But, the OAuth2 comment in the other thread made me question that. I checked my settings and found I am using OAuth2 in Thunderbird. However, I am still getting the warnings from Google that I am less secure than I need to be. They give me a single "Fix this" button but no technical explanation of what that will do. If I press that button, will IMAP still work? (Note that I also access my gmail account from an iOS phone so that needs to continue working, too. Finally, I use Thunderbird to access accounts on a number of different servers and accounts, so I have no desire to switch to GMail's web interface or their iOS app. I like having all my eamil come to one place - Thunderbird on my PC and Apple's Mail app on the phone.) Any advice is appreciated. What google wants is you disable "less secure" connections at their web page. At the server side, not at you client side. If you only use "approved" applications on all your devices, then you can do it. Else ignore the message. -- Cheers, Carlos. |
#10
|
|||
|
|||
Oauth2, GMail, and Thunderbird
"Frank Slootweg" wrote
| Why are all my four other MSPs (Mail SPs) so stupid that they can't | come up with such a brilliant If-it-ain't-broken-we'll-break-it scheme!? | It sounds like you're having no end of fun. Color me jealous. | I found that out when my very elderly father | couldn't get his email. He complained that Google | wanted his phone number, but it that hadn't helped. | (He'd entered his landline number, and I'm guessing | Google didn't explain it clearly. As with the messages | you're seeing, they don't seem to think their customers | do or should care about the details.) | | Minor nit/addition: Using a landline number is fine (FSVSVO 'fine'). | Google will do a voice call to that number. | I'm impressed the Googlites know about landlines. Maybe they did call my father after all, while he was at the senior center, trying and failing to get his gmail from the only machine and IP he ever uses. But I can rest easier knowing there are no snoops at the senior center who managed to eavesdrop on his chats with his WW2 buddies by using his password. I thought that Ethel with the leopard print walker and the blue hair looked suspicious. |
#11
|
|||
|
|||
Oauth2, GMail, and Thunderbird
On Thu, 29 Nov 2018 14:00:22 +0000, Andy Burns
wrote: Pat wrote: I use Thunderbird to access my GMail account via IMAP. I occassionally get a warning from GMail that my account is more vulnerable to attacks because I have a less secure access method enabled. If you're sure all devices are using https/oath instead of imap/pop, then you can disable the "less secure" option https://support.google.com/a/answer/6260879 Interesting. I found a lot of info at that link, but I'm more confused than before. 1. I didn't know I had a google admin account. I'll have to look into that. 2. Regarding your "if you are sure..." sentence above, I thought I was using IMAP but the OAuth2 checkbox is checked. Is that https/oath or imap/pop? Thanks, Pat |
#12
|
|||
|
|||
Oauth2, GMail, and Thunderbird
On Fri, 30 Nov 2018 06:16:14 +1300, Ralph Fox
wrote: On Thu, 29 Nov 2018 08:25:30 -0500, Pat wrote: In another thread, someone mentioned that enabling OAuth2 in Thunderbird made Google happy (ie, fewer security warnings received). Not exactly. 1. Google want you to turn off "allow less secure apps" in your Google account settings. That is how you get the fewer security warnings. I understand and agree. But, your following point is what I was unsure about. 2. The OAuth2 setting allows you to keep using Thunderbird with Gmail when "allow less secure apps" is turned off. That is my real question. Of all the responses, you are the only one to word it that way. I guess I'll give it a try and see what happens. I use Thunderbird to access my GMail account via IMAP. I occassionally get a warning from GMail that my account is more vulnerable to attacks because I have a less secure access method enabled. I ignore those warnings because I thought that was necessary in order to receive mail via IMAP. But, the OAuth2 comment in the other thread made me question that. I checked my settings and found I am using OAuth2 in Thunderbird. However, I am still getting the warnings from Google that I am less secure than I need to be. This probably means that "allow less secure apps" is turned on. They give me a single "Fix this" button but no technical explanation of what that will do. My guess is that the button you are seeing is a button to turn off "allow less secure apps" in your Google account settings. If I press that button, will IMAP still work? So long as you are using OAuth2 with Gmail, and not "normal password". (Note that I also access my gmail account from an iOS phone so that needs to continue working, too. If the iOS Mail app uses OAuth2 then it will keep working. I haven't tried to find out. Finally, I use Thunderbird to access accounts on a number of different servers and accounts, so I have no desire to switch to GMail's web interface or their iOS app. The "allow less secure apps" setting will not affect your other mail accounts, not unless those other mail accounts are actually managed by Gmail. I mention this because a few ISPs have outsourced their email service to Gmail. I like having all my eamil come to one place - Thunderbird on my PC and Apple's Mail app on the phone.) Any advice is appreciated. Pat |
#13
|
|||
|
|||
Oauth2, GMail, and Thunderbird
On Thu, 29 Nov 2018 23:14:49 +0100, "Carlos E.R."
wrote: On 29/11/2018 14.25, Pat wrote: In another thread, someone mentioned that enabling OAuth2 in Thunderbird made Google happy (ie, fewer security warnings received). I use Thunderbird to access my GMail account via IMAP. I occassionally get a warning from GMail that my account is more vulnerable to attacks because I have a less secure access method enabled. I ignore those warnings because I thought that was necessary in order to receive mail via IMAP. But, the OAuth2 comment in the other thread made me question that. I checked my settings and found I am using OAuth2 in Thunderbird. However, I am still getting the warnings from Google that I am less secure than I need to be. They give me a single "Fix this" button but no technical explanation of what that will do. If I press that button, will IMAP still work? (Note that I also access my gmail account from an iOS phone so that needs to continue working, too. Finally, I use Thunderbird to access accounts on a number of different servers and accounts, so I have no desire to switch to GMail's web interface or their iOS app. I like having all my eamil come to one place - Thunderbird on my PC and Apple's Mail app on the phone.) Any advice is appreciated. What google wants is you disable "less secure" connections at their web page. At the server side, not at you client side. I understand. If you only use "approved" applications on all your devices, then you can do it. Else ignore the message. But, are the latest iOS mail app (not the gmail specific iOS app) and the latest Thunderbird windows build "approved applications"? I guess I need to try it and find out. Thanks to everyone who responded. Pat |
#14
|
|||
|
|||
Oauth2, GMail, and Thunderbird
Pat wrote:
1. I didn't know I had a google admin account. I'll have to look into that. Actually that link was one for those using gsuite (e.g. businesses) the link for individuals is https://support.google.com/accounts/answer/6010255 2. Regarding your "if you are sure..." sentence above, I thought I was using IMAP but the OAuth2 checkbox is checked. Is that https/oath or imap/pop? Sounds like you're using IMAP with Oauth2, what I was trying to avoid was the situation where you used POP or IMAP with "insecure" authentication on some other device, then disabled the insecure access and broke that other device's email. If you only use gmail in a browser (over https) or in a mail client with IMAP and Oauth2 then you're safe to disable the insecure option. |
#15
|
|||
|
|||
Oauth2, GMail, and Thunderbird
On Fri, 30 Nov 2018 12:53:28 +0000, Andy Burns wrote:
Pat wrote: 1. I didn't know I had a google admin account. I'll have to look into that. Actually that link was one for those using gsuite (e.g. businesses) the link for individuals is https://support.google.com/accounts/answer/6010255 2. Regarding your "if you are sure..." sentence above, I thought I was using IMAP but the OAuth2 checkbox is checked. Is that https/oath or imap/pop? Sounds like you're using IMAP with Oauth2, what I was trying to avoid was the situation where you used POP or IMAP with "insecure" authentication on some other device, then disabled the insecure access and broke that other device's email. If you only use gmail in a browser (over https) or in a mail client with IMAP and Oauth2 then you're safe to disable the insecure option. What's insecure about using TCL/SSL for transmission and the usual account name/password to access IMAP? This OAuth2 stuff seems targeted at HTML APIs. |
|
Thread Tools | |
Display Modes | Rate This Thread |
|
|