1 |
On Friday, 3 June 2022 09:53:22 BST Michael wrote: |
2 |
> On Friday, 3 June 2022 02:45:11 BST Dale wrote: |
3 |
> > Howdy, |
4 |
> > |
5 |
> > Early this morning Seamonkey could no longer fetch emails. It wouldn't |
6 |
> > accept the username and password. I did some searching and it seems |
7 |
> > that Google is disabling plain text username and password. Honestly, |
8 |
> > sounds like a good idea really. During my searches, most recommended |
9 |
> > OAuth2 so I switched to it. |
10 |
> |
11 |
> Err ... perhaps not? The use of a browser to delegate sign on is not |
12 |
> necessarily a good idea, because it introduces layers of complication and |
13 |
> with it potential vulnerabilities. Random explainer here: |
14 |
> |
15 |
> https://medium.com/securing/what-is-going-on-with-oauth-2-0-and-why-you-shou |
16 |
> ld-not-use-it-for-authentication-5f47597b2611 |
17 |
> |
18 |
> I recall some IMAP4 devs complaining about it, but Google pushed on |
19 |
> regardless. From the end of May if you want to login to Gmail you have no |
20 |
> option but to use OAuth2. I expect this will break some users login if they |
21 |
> have not disabled what Google calls "Less secure application access" and |
22 |
> shared with Google their mobile phone number and what other *private* |
23 |
> information Google wants to know, before it allows you to access your email |
24 |
> messages. |
25 |
|
26 |
Would a practical alternative be to have all gmail messages forwarded to |
27 |
another account? I haven't looked into this, but I have a gmail account, which |
28 |
perhaps I could set up to forward (relay?) all incoming mail to my Zen |
29 |
account. |
30 |
|
31 |
-- |
32 |
Regards, |
33 |
Peter. |