[quote user="idw"]Watch out for another developer news post on PM's home page soon.[/quote]

Here it is.

I have used Pegasus to connect to AT&T Mail for many years.  AT&T has just announced changes:  I have to use an email app with Open Authentication (OAuth), or create a new Secure Mail Key to connect to AT&T.  Before I struggle to create a Secure Mail Key through AT&T,

Does Pegasus Mail meet the requirements of Open Authentication?

Thanks JohnGrace

Pegasus Mail does not support Open Authentication.  Gmail pushes OAuth but still has a configuration option to "Allow less secure apps".  This lets Pegasus Mail continue to work without the use of an Application Password (what AT&T calls a Secure Mail Key) but Google bugs you about this "security issue".  If AT&T doesn't have a similar option then you may have to go the Secure Mail Key route if they are forcing you to and not just recommending it.

Thanks.  I went the secure mail key route.  I had to find my old password to get into the myAT&T site.  After mucking around a bit, I found where AT&T issues the secure mail key (a random 16 character password) and copied it to the clipboard.  I then went to the Pegasus settings and replaced my old AT&T password with the new secure mail key.  Works like a charm.  Problem solved.  Thanks again,  John Grace

Hello,

Unfortunately, Google announced that it will start refusing access to GMail without OAuth. :-( At first, they're going to reject "new access to LSA" ("less secure applications") as of June 15, 2020. The second step is scheduled for February 15, 2021, and no access using the supposedly less secure applications shall be possible any longer at all. :-(

I had this problem a long time ago with one of my Gmail accounts. At first I got very upset but then I found there are plenty of alternatives to Gmail. All I did was to instruct Gmail to forward every message to a new account created (GMX.com). The Gmail account still valid and accessible via the Web. From time to time I check it after false-positive spam until the day I find it is time to pull the plug.

IMHO all this "less secure applications" is nothing more than a way to Google make you enter their services through an application it can fully (almost) control: the Internet browser. It can't control mail clients like Pegasus Mail so it is labelled "less secure". Those Gmail "secure" clients like Outlook that use the same Internet browser engine are welcome.

I'm mentioning Gmail here but the same applies to with Microsoft (Live, Hotmail, etc), Yahoo! (AOL, Verizon), and many others.

[quote user="xhajt03"]Unfortunately, Google announced that it will start refusing access to GMail without OAuth. :-( At first, they're going to reject "new access to LSA" ("less secure applications") as of June 15, 2020. The second step is scheduled for February 15, 2021, and no access using the supposedly less secure applications shall be possible any longer at all. :-([/quote]

David Harris already knows about this and is going to provide support for OAuth as required to match these deadlines. Watch out for another developer news post on PM's home page soon.

Just a clarification, Google is talking about the implementation of OAth2 not OAuth, for GMail.  Similarily, other vendors are moving to adopting this new protocol.

Martin