Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  newsreader  groups  login

Message-ID:  

1.79 x 10^12 furlongs per fortnight -- it's not just a good idea, it's the law!


computers / comp.mobile.android / Re: Windows Thunderbird OAuth2 works for Google Accounts - but what for Android/iOS?

SubjectAuthor
o Re: Windows Thunderbird OAuth2 works for Google Accounts - but what for Android/Andy Burnelli

1
Re: Windows Thunderbird OAuth2 works for Google Accounts - but what for Android/iOS?

<t900cd$gk2$1@gioia.aioe.org>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=33005&group=comp.mobile.android#33005

 copy link   Newsgroups: alt.comp.os.windows-10 alt.comp.software.thunderbird alt.comp.microsoft.windows comp.mobile.android
Followup: alt.comp.os.windows-10,alt.comp.software.thunderbird,alt.comp.microsoft.windows
Path: i2pn2.org!i2pn.org!aioe.org!YJ9T4Jrl0F+pWyDRfaeX/g.user.46.165.242.75.POSTED!not-for-mail
From: spa...@nospam.com (Andy Burnelli)
Newsgroups: alt.comp.os.windows-10,alt.comp.software.thunderbird,alt.comp.microsoft.windows,comp.mobile.android
Subject: Re: Windows Thunderbird OAuth2 works for Google Accounts - but what for Android/iOS?
Followup-To: alt.comp.os.windows-10,alt.comp.software.thunderbird,alt.comp.microsoft.windows
Date: Wed, 22 Jun 2022 22:08:54 +0100
Organization: Aioe.org NNTP Server
Message-ID: <t900cd$gk2$1@gioia.aioe.org>
References: <t8qp8b$1ue7$1@gioia.aioe.org> <t8qrue$sqv$1@gioia.aioe.org> <t8qt0e$2jlef$1@news.mixmin.net> <0ig2bh1ckea5nl5ss29ddof8iutqiiiuk0@4ax.com> <t8rgmc$ds4$1@gioia.aioe.org> <t8rqsn$94s$1@dont-email.me> <t8sdom$d1v$1@dont-email.me> <t8tdqa$70l$1@dont-email.me>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Info: gioia.aioe.org; logging-data="17026"; posting-host="YJ9T4Jrl0F+pWyDRfaeX/g.user.gioia.aioe.org"; mail-complaints-to="abuse@aioe.org";
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Thunderbird/91.6.1
X-Notice: Filtered by postfilter v. 0.9.2
Content-Language: en-GB
 by: Andy Burnelli - Wed, 22 Jun 2022 21:08 UTC

Chris wrote:

>> I always thought 2FA could be done via another email address thus
>> skipping the phone. I mean, they do have to think of
>> those who don't have a phone, right? Or do I live is a rose garden?
>
> For 2FA you always have to have *something*. That's what two factor
> authentication means: something you know and something you have. Typically,
> it's a password and a phone, but it can be different things.

Chris is correct that it can be a variety of "different things" that
suffice for 2FA/2SV/MFA/MSV where I'm almost completely unfamiliar with
what those multiple things might be.

Can someone help us flesh out _what_ those multiple MFA things might be?

Here's a list I came up with searching about where I ask others to help
flesh it out so that we each have a list of what our choices might be.

1. OAuth2 (usually using an on-device Google Account), or
2. Autoforward Google mail to a non-Google account, or,
3. 2FA/2SV/MSV/MFA via a variety of authenticators, such as...
a. app passwords
b. Some kind of "2FA/2SV/MSV/MFA authenticator" app, such as...
FreeOTP Authenticator, Google Authenticator, Authy, FreeOTP+, etc.
c. USB tokens
d. Time-based one-time passwords (TOTP)
e. SMS 2FA
f. Use the phone's built-in security key
g. Use a physical "security key"
h. Get a one-time security code from another device
i. Enter one of your 8-digit backup codes
j. Sign in using QR codes
k. Set up a "trusted computer" for sign in
l. Sign in with "google prompts"
Any others?

Since this is slightly off topic of a request to flesh out the MFA methods,
I added this post, with additional URLs to a specific thread over here:
*Please help flesh out MUA:Google 2SV/2FA/MSV/MFA options*
*for everyone to benefit prior to June 30th 2022*
<https://groups.google.com/g/comp.mobile.android/c/DGpa3lgnBf8>
--
Posted out of the goodness of my heart to disseminate useful information.

1
server_pubkey.txt

rocksolid light 0.9.7
clearnet tor