[Users] Help with supplying App Domain for OAuth2

Richard lists-claws at listmail.innovate.net
Thu Mar 24 17:57:43 UTC 2022


> Date: Thursday, March 24, 2022 13:10:22 -0400
> From: Leon Fisk <lfiskgr at gmail.com>
>
> On Thu, 24 Mar 2022 16:07:46 +0000
> Richard <lists-claws at listmail.innovate.net> wrote:
> 
> <snip>
>> I had actually thought that google was already enforcing the use of
>> app passwords, but seemingly not for another month.
> 
> If I go this route... do you know if an SMS Mobile message is
> something that will work for two-factor?

These are the options offered for getting the google 2fa code/access:

  - Tap Yes on your phone or tablet

  - Use your phone or tablet to get a security code (even if 
    it's offline)

  - Get a verification code from the Google Authenticator app

  - Enter one of your 8-digit backup codes

I have android devices, so automatically get the first. I actually
prefer the authenticator. If all else fails, you can use the last one
(backup codes), which doesn't require a mobile device.

I think you do need a mobile device, with SMS capabilities, to set up
2fa with google now. You used to be able to do it with just the
authenticator, but that's no longer an option. 

Once you've set up 2fa, in order to get app passwords, you only need
to use it to actually log in. If you read your mail with a 3rd-party
client - e.g., claws-mail (where you're using either app passwords or
OAuth) you won't encounter 2fa, unless/until you need to log in to
google/gmail via a web browser.




More information about the Users mailing list