From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-0.7 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, RCVD_IN_DNSWL_LOW,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL autolearn=ham autolearn_force=no version=3.4.4 Received: (qmail 7552 invoked from network); 25 Oct 2022 18:26:51 -0000 Received: from mx1.math.uh.edu (129.7.128.32) by inbox.vuxu.org with ESMTPUTF8; 25 Oct 2022 18:26:51 -0000 Received: from lists1.math.uh.edu ([129.7.128.208]) by mx1.math.uh.edu with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1onOdV-00A5QV-7F for ml@inbox.vuxu.org; Tue, 25 Oct 2022 13:26:49 -0500 Received: from lists1.math.uh.edu ([127.0.0.1] helo=lists.math.uh.edu) by lists1.math.uh.edu with smtp (Exim 4.96) (envelope-from ) id 1onOdU-002Z24-2v for ml@inbox.vuxu.org; Tue, 25 Oct 2022 13:26:48 -0500 Received: from mx1.math.uh.edu ([129.7.128.32]) by lists1.math.uh.edu with esmtp (Exim 4.96) (envelope-from ) id 1onOdG-002Z1v-36 for ding@lists.math.uh.edu; Tue, 25 Oct 2022 13:26:44 -0500 Received: from quimby.gnus.org ([95.216.78.240]) by mx1.math.uh.edu with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1onOdE-00A5Pv-5K for ding@lists.math.uh.edu; Tue, 25 Oct 2022 13:26:34 -0500 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnus.org; s=20200322; h=Content-Type:MIME-Version:Message-ID:In-Reply-To:Date: References:Subject:Cc:To:From:Sender:Reply-To:Content-Transfer-Encoding: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=DT0b7mnGXs1ynzrEvt0EwTUygRwbPbsOGZWlFuUBcF0=; b=IXjdolTkW/efgzUAH+Keawn/Sw gbSbhK853ey+8F39QTUiW/xyRz5yl29ffC4W+p+izJsVK5nakmQdc4heYw+DbQBRdb470UNc2nasT XGmdnxXFIpl200sI7avqwKIduiNwBphdm8dGhU2WQB/RH/i+CL1uLrmUzCoL1CAIgGRQ=; Received: from mail-pg1-x52e.google.com ([2607:f8b0:4864:20::52e]) by quimby.gnus.org with esmtps (TLS1.3:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.92) (envelope-from ) id 1onOd5-0004PU-7J for ding@gnus.org; Tue, 25 Oct 2022 20:26:26 +0200 Received: by mail-pg1-x52e.google.com with SMTP id h2so6172801pgp.4 for ; Tue, 25 Oct 2022 11:26:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bobnewell-net.20210112.gappssmtp.com; s=20210112; h=mime-version:user-agent:message-id:in-reply-to:date:references :organization:subject:cc:to:from:from:to:cc:subject:date:message-id :reply-to; bh=DT0b7mnGXs1ynzrEvt0EwTUygRwbPbsOGZWlFuUBcF0=; b=qRR79mWhcW1AMhs35avrS0cpwzeeteAdHDRn8ZH35BpWfHEb2zhHwF6Dk/avhkonbe JTvJxyqUp/2FAuz6p4AHDhZ2eWIY0UGAw7imCIMKSub9qQqUv5W6W9s+zoSrsgx/XwsR Ea/6duurO9YpowyCBE2K7hvo1w7yukOS+0eVMoRtXSFZX/5KVcbB99SDmIuR9uoYdVDd acSChpBdF2GK2G81J5SSF/4B66WXyZ+wIYef0zayPguVuANMeR0QkVlywfmHIIInw/NY iG0YwbpqZ9Nm4JXs3eA2+HUNrjszAtytC90ESgSh6kK+tsniDhVxuR07bUD08o309eZW vqyA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=mime-version:user-agent:message-id:in-reply-to:date:references :organization:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=DT0b7mnGXs1ynzrEvt0EwTUygRwbPbsOGZWlFuUBcF0=; b=yFmKYBCMZf5U42/1+UNVsAoSU06YHi+2AdKZoDQSD+Zx3+FiLPQMg978BpvNo76xBU gr1EuSbYQQHga9COPfLe23kuzkRYdnDjlLgIn17Lh/PM4I1veN5sWSuwDEBWSwJQqdEE /W187bXwE9nu8bx5HkUZ5rzj2+Zav9coqGvfED3fuR2hvMrKYlPaQ6ZTyIo5vbbKATkK 5SL+ZQwtrSBECvFo0pCE86RAAs5FC9b2Z0ZeIZK9HPYVS3g9pu/vGjR+s559TZwoHz/L HpCMzo1MjNv+zTAt6L2bqfl93mcISP90lwOynD0ZCh8h/h3F9DQSuWVfjId5i0i7AVKZ g+qQ== X-Gm-Message-State: ACrzQf32I89WvdBdTyWWchpg+W/B1fhc0I/FvFmLzG+K6jdB0LI/fLhe HDF2lJjTG8L5OK5OQ3Zeu0SD/U0MIH33zP9i X-Google-Smtp-Source: AMsMyM4uvnlZ3zin/NFG8PqRH0uUCQxvnY4JLbhWLBg03glYD3iFtPajecHY3qh9PPOvwmeGaOuwXA== X-Received: by 2002:a05:6a00:b54:b0:566:917:e57e with SMTP id p20-20020a056a000b5400b005660917e57emr39861109pfo.26.1666722380021; Tue, 25 Oct 2022 11:26:20 -0700 (PDT) Received: from localhost (dhcp-141-239-253-106.hawaiiantel.net. [141.239.253.106]) by smtp.gmail.com with ESMTPSA id x12-20020a1709027c0c00b00186988da114sm1500296pll.36.2022.10.25.11.26.19 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 25 Oct 2022 11:26:19 -0700 (PDT) From: Bob Newell To: ding@gnus.org Cc: Subject: Re: gmail+imap+smtp (oauth2) Organization: Avi Gobbler Publishing References: <87sfpswhy2.fsf@mat.ucm.es> <87r15cjhim.fsf@ucl.ac.uk> <877d7234bl.fsf@undisclosedlocation.com> <87o7u1skek.fsf@iki.fi> <87fsfdb0wf.fsf@undisclosedlocation.com> <875yg8nym4.fsf@iki.fi> Date: Tue, 25 Oct 2022 08:26:18 -1000 In-Reply-To: <875yg8nym4.fsf@iki.fi> (Jarmo Hurri's message of "Tue, 25 Oct 2022 10:36:35 +0300") Message-ID: <87wn8nep4l.fsf@undisclosedlocation.com> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain List-ID: Precedence: bulk Jarmo Hurri writes: > Greetings Bob. > > I am using this opportunity to ask a very basic question that might save > me a lot of time: does this mean that you need to 2FA every time you > initiate an imap connection? No. Not exactly. For every mail service I've set up for 2FA and app passwords thus far: 1. You MUST enable 2FA to be able to generate an app password. 2. When using IMAP/SMTP, the userid and app password alone is sufficient. 3. When logging in to whatever webmail is provided, you must do 2FA, but then there is generally an option to "remember this device" or some such, allowing you to just use your password after that. Some systems still make you do 2FA every so often, for instance on the University of Hawai`i account that I use, I think it's once a week or so. > I was told that > 1. MS will phase out imap pw connections starting Oct '22 And they have on two of my three accounts, but for each of these the 2FA/app password method works. > 2. this will happen at different times for different customers; for us > it happened last week without warning Same here. One day SMTP just stopped working until I went around the loop of 2FA and an app password. I have to ask myself how 2FA provides much security when app passwords exist, and the option to bypass 2FA exists. -- Bob Newell Honolulu, Hawai`i - Via GNU/Linux/Emacs/Gnus/BBDB