Google was going to turn off access for LSA apps soon, and this includes IMAP for Gmail. However, with the pandemic they delayed this indefinitely.
https://gsuiteupdates.googleblog.com/2020/03/less-secure-app...
Since May 1st, using IMAP to access a G Suite account stopped working, though, with a message:
> IMAP command 'AUTHENTICATE PLAIN <authdata>' returned an error: NO [AUTHENTICATIONFAILED] Invalid credentials (Failure)
I know the credentials are good because they work in the browser. Maybe an automated process somewhere kicked in?
Comments
You need to set up an app specific password [1] and use that for IMAP.
By tankenmate 2020-05-0411:564 reply Or better yet use the IMAP / SMTP Oauth2 auth mechanism;
By nanna 2020-05-0412:28 Guide to setting up OAuth2 in offlineimap:
https://hobo.house/2017/07/17/using-offlineimap-with-the-gma...
By dgudkov 2020-05-0418:29 The problem with OAuth and Google is that Google requires from 3rd party vendors verification and it's very hard to obtain. Unsurprisingly, Google rejects requests for verification without any explanation and ignores any follow up communication.
By pmlnr 2020-05-0421:15 I despise oauth2 reauthentication requests in a mail client. It's insanely annoying.
By matheusmoreira 2020-05-0416:562 reply Do mutt and git-send-email have support for OAuth2?
By tankenmate 2020-05-0417:02 Not sure, I know that newer versions of thunderbird and k9 do, but you may need remove the account and re-create it; I didn't test changing the settings myself, I just deleted the old accounts and re-created them as IMAP / oauth.
By chadcatlett 2020-05-0513:24 I don't know about git-send-mail, but mainline mutt has oauth2 support for imap4, pop3, and smtp.
I haven't used it but it looks like it pushes the oauth2 token refresh off to an external script.
By rtx 2020-05-0414:29 They have turned it back on.
By throwaway49872 2020-05-0412:50 It does not work on some group accounts.
I’m out of the loop - where does Google commit to turning off IMAP? Is there any other standard that non-Google mail clients can follow?
Will Apple Mail lose Gmail compatibility or can they upgrade to something?
By rob-olmos 2020-05-0417:59 This is the original announcement I'm aware of:
https://gsuiteupdates.googleblog.com/2019/12/less-secure-app...
By tedivm 2020-05-0416:34 Yes- I used to maintain an open source imap library and looked into this when they first made the announcement. Microsoft is also planning on doing the same thing.
https://developer.microsoft.com/en-us/office/blogs/end-of-su...
Happening since morning, I got rid of Gapps on phone (for privacy concerns) and can't use K-9 Mail anymore, guess I'll have to resort to mobile browsers for email access.
That requires two-factor auth, which requires giving them a phone number.
I'm not sure if Google allows using phone notifications first (another 2fa method) and then switching to TOTP, but TOTP isn't allowed as the first choice.
They support using phone numbers and then switching to TOTP and deleting the phone number.
By 0xdeadb00f 2020-05-0423:17 It doesn't. I think they were just confirming this:
> I'm not sure if Google allows using phone notifications first (another 2fa method) and then switching to TOTP...
By nikisweeting 2020-05-0418:011 reply Can you use a Twilio number for $1/mo or some other burner service?
Twilio numbers, and most other VOIP numbers, cannot receive the short code text messages that Google uses for verification.
By nikisweeting 2020-05-063:39 You're right, I forgot that it doesn't work the other way around (my Google Voice number definitely can receive shortcodes though).
By sanchay 2020-05-0411:23 Also for me this page (https://myaccount.google.com/lesssecureapps) says - "Setting could not be read".
By generalpass 2020-05-0411:452 reply Unless it's for work, why not use a different service or host your own mail server? I'd say setting up a mail server with projects like Mail In A Box is easier than living without GApps.
By httpsterio 2020-05-050:271 reply Running your own mail server is a sure fire way of making sure that your email don't get through to anyone.
By generalpass 2020-05-0514:52 > Running your own mail server is a sure fire way of making sure that your email don't get through to anyone.
How is your experience so far with inboxing while using Mail In A Box?
By dlandau 2020-05-0411:56 At least for me it's for work
By EllipticCurve 2020-05-0413:15 I can confirm. Same thing for, started 3 hours ago. It seems to work again for the moment though (after one hour, no change from my side).
The setting is also gone for me!
