On 2022-03-08 20:33, Andy Burnelli wrote:
> WaltS48 wrote:
>
>> Now I do thanks to Richmond who provided this link.
>>
>> https://support.google.com/accounts/answer/6010255
>
> This all hit me out of the blue this week too, where I "think" the issue
> is:
> *Google will soon kill login/password access to your Google mail account*
>
> That means you have (how many?) choices for 3rd party MUAs like TB or K9:
> 1. OAuth2 (which TB supports, but not K-9 Mail)
> 2. App Passwords (which themselves require 2FA at least once, maybe more)
> 3. 2FA (I think)
> Someone should correct me where I err above as this is critical to know.
>
> BTW, I almost never log into my Google email account using a web browser,
> but how are you supposed to log into your Google email account after May
> 30th using a web browser if you can't use your account & password?

Related query (I think):

Which 3rd party PW managers can handle this?

--
Wolf K <https://kirkwood40.blogspot.com>
If 2021 was a math word-problem: If you're going down a river at 2 MPH
and your canoe loses a wheel, how much pancake mix would you need to
re-shingle your roof? (Anonymous)

Richmond wrote:
> Andy Burnelli <spam@nospam.com> writes:
>
>> We already know that Apple 2FA is permanent, where the judge in a
>> lawsuit against Apple said it's your own fault for accepting the
>> agreement in the first place, so Apple has every right in the world to
>> make it permanent. *The 2FA permanence was "expressly authorized by
>> the Plaintiffs* *when they updated the [Apple] software"*
>>
>> My only question here isn't about Apple but about Google: Does Google
>> _also_ make 2FA/2SV permanent?
>>
>> i.e., If you accept it, can you _never_ back out (ever!) for any
>> reason?
>
> I've had it switched on since 2014 and there is an option to switch it
> off in the google account settings. (I am not going to try it though).
>

Turning on, then off or and susbsequent toggling on/off is functional in
the Google account.
- Manage your Google Account/Security/Signing in to Google/2-Step
Verification
- Note: To access the option, a prompt to enter password may be
required. Additionally once enabled(turned on, with SMS text to a phone)
signing in prompts for entry of a correct password before sending the
2SV authorization code to the phone.
- The device(e.g. pc), when accessing the account via the web may
provide an option to 'Trust' the device for future access - retention
for same may be dependent on locally stored browser cookies and possibly
in addition to Google storing recent activity.

--
....w¡ñ§±¤ñ

....w�񧱤� wrote:

> Turning on, then off or and susbsequent toggling on/off is functional in
> the Google account.

Thanks for having tested this and clearly for having looked it up for us!

The question came up because one of the iKooks rationalized that the reason
Apple doesn't let you turn off 2FA once you turn it on is Google made them.

As if Apple has no free will.
*That iKook was _insistent_ that Google _also_ did what Apple clearly does*
Q: Can I turn off two-factor authentication after I've turned it on?
A: No. After the trial period, it's permanent (like as in forever).
<https://support.apple.com/en-us/HT204915>

The facts show despite the iKook's supreme confidence in being dead wrong,
yet again their _entire_ belief system is based on _zero_ facts.

Why did the iKook nospam claim that Google 2SF/2FA was permanent?
I don't know why.
I just know he did.

He said it with such confidence too.

Note this is Dunning Kruger first quartile behavior of the iKooks to be both
so wrong, and at the same time in being so confident in being so very wrong.

Like the lemon-juice bank robber was.
--
I don't care that iKooks are child-like with a low-IQ & no education & low
self esteem; but due to that, they're so confident in being so very wrong.

"Andy Burnelli" wrote in message news:t0bmg2$1nfe$1@gioia.aioe.org...
>...winston wrote:
>>
>> Turning on(2FV), then off or and susbsequent toggling on/off is
>> functional in the Google account.
>>
>Thanks for having tested this and clearly for having looked it up for us!

You're welcome.
- took about 3 minutes to test on/off - not a big issue
I suspect many will go looking for Google's settings in a mail
account's settings, instead of the account's higher level settings.
Thus the reason to clarify where the feature is found.

2FA works quite well for my Apple ID

For Google, only a GMail email account at this end...and for the purpose and
use of that email account 2FV on or off isn't a big difference.
For Desktop, laptop and tablet once trusted and from a non-signed-in
starting position it's the same sign-in(just username/pw) with 2FV on or
off.

An iPhone using the Outlook iOs app which meets the upcoming Google
authorization is also a non issue.

For those that need to wear a tin foil hat to compute or post in this group,
best they enable 2FV/2FA, if not, just add more foil.
For all other persons, in the long run - 2FA/2FV could very well be the norm
and expected access route in the future.

Note: 2SV and 2FA are not the same
More info can be found here. Once understood, it's a reasonable write-up
<https://rublon.com/blog/2fa-2sv-difference/>

--
....w¡ñ§±¤ñ

....winston wrote:

>>Thanks for having tested this and clearly for having looked it up for us!
>
> You're welcome.

I love when people politely and purposefully helpfully _help_ each other!

> - took about 3 minutes to test on/off - not a big issue

Well, I will never (never never never!) use 2FA/2SV, so it would be a "big
issue" for me, just as it would for me to do anything I hate to do.

So I, for one, kindly thank you for testing given it's important that Google
not be like Apple in making a switch like that permanent (as in forever).

> I suspect many will go looking for Google's settings in a mail
> account's settings, instead of the account's higher level settings.
> Thus the reason to clarify where the feature is found.

This is also a kind hearted purposefully helpful PSA which is appreciated.
> 2FA works quite well for my Apple ID

I'm sure it works.
The point is that you can _never_ turn it off once you turn it on.

As the judge said, if you want to turn Apple 2FA off, don't complain to her
because you are the one who "installed the software" (her words, not mine).

For Apple when you accept 2FA, it's permanent.
For Google, it's not.

As an aside, why the iKook nospam insisted that it was is always beyond me
as I've never met people, in the flesh, so confident in being so wrong.

These strange iKooks are no different than the lemon-juice bank robber was.
(It's _why_ they're iKooks after all.)

> For Google, only a GMail email account at this end...and for the purpose and
> use of that email account 2FV on or off isn't a big difference.
> For Desktop, laptop and tablet once trusted and from a non-signed-in
> starting position it's the same sign-in(just username/pw) with 2FV on or
> off.
>
> An iPhone using the Outlook iOs app which meets the upcoming Google
> authorization is also a non issue.
>
> For those that need to wear a tin foil hat to compute or post in this group,
> best they enable 2FV/2FA, if not, just add more foil.

There seem to be only three options after May 30th, 2022:
1. 2FA/2SV
2. OAUth
3. App passwords (which requires at least once using 2FA/2SV)

For me, on Windows, that means Thunderbird (with OAUTH2).
For me, on Android, that means something other than K-9 Mail.
For me, on iOS, Apple already locked me out so 2 of my 3 iPads are dead.

> For all other persons, in the long run - 2FA/2FV could very well be the norm
> and expected access route in the future.

If there was a way to do 2FA/2SV without losing your privacy, I'd not be
against it, as I care more about my privacy than my security.

That makes sense if you look at what the _real_ threat is, and not what the
(rather clever) advertisers _want_ you to think the real threat is.

As a simple but obvious example, Apple has crappy security and crappy
privacy in the iPhone, but they went hog wild playing up their Face-ID
gimmick.

Why?
a. Because people are stupid. They believe in Marketing gimmicks.
b. Or... all people who own iPhones actually do live in the slums.
(Pick one.)

People believe that their face is so unique that it is perfect security.
Fine. But...

The real threat isn't someone grabbing your phone out of your hands.
Apple assumes everyone with an iPhone lives in the Harlem slums, or the
Oakland ghettos, or the Bronx Projects.

Sure, if you live in the projects, of course you would want to secure your
iPhone from someone sneaking up from behind and snatching it out of your
hands.

But I don't live in the slums.
I don't even lock my car or my home front door.
And my driveway gate is often left wide open.

Since I don't live in a ghetto, my threat isn't someone snatching my iPhone
out of my hands despite Apple being _desperate_ to convince me it is.

> Note: 2SV and 2FA are not the same
> More info can be found here. Once understood, it's a reasonable write-up
> <https://rublon.com/blog/2fa-2sv-difference/>

Well, I read the discussion by a bunch of people where it's "practically"
the same but "slightly different" so I simply lumped both together since I'm
not using either one unless they put a gun to my head.

When/if 2SV/2FA is designed in the future to add privacy instead of just
security, then (and only then) will I bother to consider it.

Personally, I think the marketing people have everyone thinking the real
threat is that they live in the slums, which just isn't the case for me.

Andy Burnelli wrote:

> Does Google _also_ make 2FA/2SV permanent?

Since some people may be confused, Google equates 2SV with 2FA:
<https://support.google.com/accounts/answer/185839>
"With 2-Step Verification (also known as two-factor authentication),
you add an extra layer of security to your account in case your
password is stolen. After you set up 2-Step Verification,
you'll sign in to your account in two steps using:
1. Something you know, like your password
2. Something you have, like your phone"

While some said 2SV is different from 2FA, Google doesn't think it is.