Impossible to authenticate with Google

If I may ask: How does 2FA track your info?

You could use a different OTP app other than Google Authenticator if you don’t trust them… But the app really only generates the OTPs. Thus, you can use any OTP app, e.g. Microsoft Authenticator.

If your mistrust is aimed at OTP apps in general, how about using a hardware token. I can recommend Yubikey.


“Authy” is another great authenticator app that I’ve been using myself since I enabled 2FA on a few sites, incl. Google.
It’s available for pretty much all operating systems and the best bit about it: You can use it on several devices simultanously, so no more worries about losing/switching devices.
I have it on my PC and all Android devices, so I’m all set :grinning:

I suppose I wasn’t specific enough, using a text for 2FA allows them your phone number which leads to additional tracking info.

Then use an app like Authy = no additional tracking info.

And for what it’s worth: I’d rather risk additional tracking but have my accounts protected from dubious people than have someone gain access to any account just because I’m afraid of some tracking, regardless of there actually being any or not :slightly_smiling_face:


Maybe I derailed the topic a bit, the bigger issue here is that I can’t access one of my gmail accounts on K-9. One account works fine but the other isn’t syncing, regardless of 2FA on or off.

It’s a trap!
If you can, please just wait for version 6.200. It does things the “right*” way, and uses OAuth.

Google does this because they want you to enable what they falsely call “2-factor authentication”. They’ve been pestering people about sharing their phone number with them for years.

In reality, since the so-called second factor is on the same exact device, it’s not two-factors but twice the same factor, and adds no security whatsoever. It is very good at looking like it does, though.
In reality, the purpose of this is, to link your phone and e-mail address more tightly in their ad profile about you, to know more about you, so they know better how to manipulate you (“advertisement”) to effectively steal more money from you (by making you pick inferior choices to their advantage and buy stuff you didn’t need).

* Of course, the actual right way, is to run a ~$20 home server with your own e-mail client, or at least rent from a provider where you’re the client, and not the product. Especially since it’s gonna cost you anyway, whether through privacy prostitution or just by paying honest provider.


My earlier post that k-9 was still working was premature… I guess it was a slow, intermittent rollout of enforcement.

Sorry to the k-9 devs, but I have moved on to another email app. Thanks for the good times!

Maybe I’ll check back in the future, but so far this other app is just fine. A little busy on the eyes, but I’ll get used to it or try other themes.

I was able to access Gmail on K-9 up until this Tuesday (07 June 2022) I’m sticking which K-9 as I am using de-googled devices and do not have Google sign in on any of them. I hope we can have a solution soon for K-9 being “a more secure app”

1 Like

I was able to access Gmail on K-9 up until this Tuesday (07 June 2022) I’m sticking with K-9 as I am using de-googled devices and do not have Google sign in on any of them. I hope we can have a solution soon for K-9 being “a more secure app”

1 Like

K9, as is, works fine with gmail, you just need to set up a google app-password and use that in K9, rather than your google site-wide pw. See @cketti’s post toward the top of this item for pointers to the information you need for doing that.

This no longer works as the option to enable less secure apps is no longer available.If you had it enabled before the cut off it continues to work but for how long ?

You do NOT need that option. You need an app password. See How to set up with a Gmail account

1 Like

Just to reinforce this, and to cut to the chase … all/what you need to set up is an “app password”. That option is available, whether you had one set up previously or not*. Just follow the instructions under “Create & use App Passwords” at:

You do have to have 2fa enabled.

To confirm that this was all still the case I just followed the steps outlined in the document I referenced above to set up an app password on an account that had 2fa on, but which had never previously had any app passwords. It worked as described.

  • app passwords may not be available for certain account types - see “3.” in the document above.
1 Like

If your that paranoid about Google reading your emails and knowing more about you, why are you using Gmail to begin with? If you really need to use Gmail, just get a prepaid sim and use that as your “phone number”…


Yes you are right (no need to shout) I had app password working for six weeks but a few days ago my account would not connect so I thought Google has stopped app password. I have just checked again and my 2fa was off, I think I must have turned it off trying to get Claws working, anyway all working again now both Android and Claws.

I don’t think people are paranoid, gmail is handy for some mail but normally have other mail accounts for private stuff. Hence multiple accounts in K9

I’m not disagreeing here. I personally have a separate email account that’s not a Gmail account for private emails. That doesn’t mean that Google doesn’t have true 2FA options. They do. Some are more secure (U2F) than others (TOTP)…

I use a Gmail account for a lot of “throwaway” stuff – announcements, newsletters, and the like – and rarely actually send anything from Gmail. For that on my Android phone I use the native Gmail app, and on the Chromebook, which I use more and more these days, I simply use the browser interface. For my “serious, private” email account, I use Thunderbird on my WIn desktop box and K-9 Mail on my Chromebook. Works like a charm. I see that K-9 is going to be folded into the Thunderbird “family” so that may make it easier to synchronize across devices.

Otherwise you can also compile the app yourself. The code just compiles if you open it with Android Studio. The only disadvantage is that you either need a rooted device where signature checking is disabled, a decent backup - restore solution (also root required) or to setup your accounts again (should work for IMAP, but not for POP3 accounts who would lose mail).

The curent snapshot works excelent with Gmail.

I need a Gmail account because I control some Google API keys for projects I work on. I don’t use the mail address for anything non-Google related.

1 Like