Community Discussions and Support
GMail to force OAuth :-( (Was: Changes For AT&T Email)

[quote user="idw"]Watch out for another developer news post on PM's home page soon.[/quote]

Here it is.

<p>[quote user="idw"]Watch out for another developer news post on PM's home page soon.[/quote]</p><p><a mce_href="http://www.pmail.com/devnews.htm" target="_blank" href="http://www.pmail.com/devnews.htm">Here</a> it is. </p>
			Michael
--
IERenderer's Homepage
PGP Key ID (RSA 2048): 0xC45D831B
S/MIME Fingerprint: 94C6B471 0C623088 A5B27701 742B8666 3B7E657C

I have used Pegasus to connect to AT&T Mail for many years.  AT&T has just announced changes:  I have to use an email app with Open Authentication (OAuth), or create a new Secure Mail Key to connect to AT&T.  Before I struggle to create a Secure Mail Key through AT&T,

Does Pegasus Mail meet the requirements of Open Authentication?

Thanks JohnGrace

<p>I have used Pegasus to connect to AT&T Mail for many years.  AT&T has just announced changes:  I have to use an email app with Open Authentication (OAuth), or create a new Secure Mail Key to connect to AT&T.  Before I struggle to create a Secure Mail Key through AT&T,</p><p>Does Pegasus Mail meet the requirements of Open Authentication?</p><p>Thanks JohnGrace </p>

Pegasus Mail does not support Open Authentication.  Gmail pushes OAuth but still has a configuration option to "Allow less secure apps".  This lets Pegasus Mail continue to work without the use of an Application Password (what AT&T calls a Secure Mail Key) but Google bugs you about this "security issue".  If AT&T doesn't have a similar option then you may have to go the Secure Mail Key route if they are forcing you to and not just recommending it.

Pegasus Mail does not support Open Authentication.  Gmail pushes OAuth but still has a configuration option to "Allow less secure apps".  This lets Pegasus Mail continue to work without the use of an Application Password (what AT&T calls a Secure Mail Key) but Google bugs you about this "security issue".  If AT&T doesn't have a similar option then you may have to go the Secure Mail Key route if they are forcing you to and not just recommending it.

Thanks.  I went the secure mail key route.  I had to find my old password to get into the myAT&T site.  After mucking around a bit, I found where AT&T issues the secure mail key (a random 16 character password) and copied it to the clipboard.  I then went to the Pegasus settings and replaced my old AT&T password with the new secure mail key.  Works like a charm.  Problem solved.  Thanks again,  John Grace

Thanks.  I went the secure mail key route.  I had to find my old password to get into the myAT&T site.  After mucking around a bit, I found where AT&T issues the secure mail key (a random 16 character password) and copied it to the clipboard.  I then went to the Pegasus settings and replaced my old AT&T password with the new secure mail key.  Works like a charm.  Problem solved.  Thanks again,  John Grace

Hello,

Unfortunately, Google announced that it will start refusing access to GMail without OAuth. :-( At first, they're going to reject "new access to LSA" ("less secure applications") as of June 15, 2020. The second step is scheduled for February 15, 2021, and no access using the supposedly less secure applications shall be possible any longer at all. :-(

<p>Hello,</p><p>Unfortunately, Google announced that it will start refusing access to GMail without OAuth. :-( At first, they're going to reject "new access to LSA" ("less secure applications") as of June 15, 2020. The second step is scheduled for February 15, 2021, and no access using the supposedly less secure applications shall be possible any longer at all. :-(</p>

I had this problem a long time ago with one of my Gmail accounts. At first I got very upset but then I found there are plenty of alternatives to Gmail. All I did was to instruct Gmail to forward every message to a new account created (GMX.com). The Gmail account still valid and accessible via the Web. From time to time I check it after false-positive spam until the day I find it is time to pull the plug.

IMHO all this "less secure applications" is nothing more than a way to Google make you enter their services through an application it can fully (almost) control: the Internet browser. It can't control mail clients like Pegasus Mail so it is labelled "less secure". Those Gmail "secure" clients like Outlook that use the same Internet browser engine are welcome.

I'm mentioning Gmail here but the same applies to with Microsoft (Live, Hotmail, etc), Yahoo! (AOL, Verizon), and many others.

<p>I had this problem a long time ago with one of my Gmail accounts. At first I got very upset but then I found there are plenty of alternatives to Gmail. All I did was to instruct Gmail to forward every message to a new account created (GMX.com). The Gmail account still valid and accessible via the Web. From time to time I check it after false-positive spam until the day I find it is time to pull the plug.</p><p>IMHO all this "less secure applications" is nothing more than a way to Google make you enter their services through an application it can fully (almost) control: the Internet browser. It can't control mail clients like Pegasus Mail so it is labelled "less secure". Those Gmail "secure" clients like Outlook that use the same Internet browser engine are welcome.</p><p>I'm mentioning Gmail here but the same applies to with Microsoft (Live, Hotmail, etc), Yahoo! (AOL, Verizon), and many others. </p>

-- Euler

Pegasus Mail 4.81.1154 Windows 7 Ultimate
IERenderer: 2.7.1.5 AttachMenu: 1.0.1.2
PMDebug: 2.5.8.34 BearHTML 4.9.9.6

[quote user="xhajt03"]Unfortunately, Google announced that it will start refusing access to GMail without OAuth. :-( At first, they're going to reject "new access to LSA" ("less secure applications") as of June 15, 2020. The second step is scheduled for February 15, 2021, and no access using the supposedly less secure applications shall be possible any longer at all. :-([/quote]

David Harris already knows about this and is going to provide support for OAuth as required to match these deadlines. Watch out for another developer news post on PM's home page soon.

<p>[quote user="xhajt03"]Unfortunately, Google announced that it will start refusing access to GMail without OAuth. :-( At first, they're going to reject "new access to LSA" ("less secure applications") as of June 15, 2020. The second step is scheduled for February 15, 2021, and no access using the supposedly less secure applications shall be possible any longer at all. :-([/quote]</p><p>David Harris already knows about this and is going to provide support for OAuth as required to match these deadlines. Watch out for another developer news post on PM's home page soon. </p>
			Michael
--
IERenderer's Homepage
PGP Key ID (RSA 2048): 0xC45D831B
S/MIME Fingerprint: 94C6B471 0C623088 A5B27701 742B8666 3B7E657C

Just a clarification, Google is talking about the implementation of OAth2 not OAuth, for GMail.  Similarily, other vendors are moving to adopting this new protocol.

Martin

<p>Just a clarification, Google is talking about the implementation of OAth2 not OAuth, for GMail.  Similarily, other vendors are moving to adopting this new protocol.</p><p>Martin </p>
live preview
enter atleast 10 characters
WARNING: You mentioned %MENTIONS%, but they cannot see this message and will not be notified
Saving...
Saved
With selected deselect posts show selected posts
All posts under this topic will be deleted ?
Pending draft ... Click to resume editing
Discard draft