I remain without an answer to the following question. If I enable TFA so as to keep using k9 - and I have enabled it - will I have any trouble with those computer applications, such as Mozilla’s Thunderbird, that use Google services? By ‘computer’ I mean desktops and laptops. I worry that at some point the relevant applications, running on those devices, will stop working with Google. For, the devices at issue (desktop computers and laptops) do not run the sort of ‘trusted app’ - I think you mean ‘trust app’, i.e. authenticator app - that you mention.
I just took the chance and commited to enabling 2FA and disabled logging via unsecure apps in my Google Mail account. No need to wait until 30th of May
I generated an App passwort and I am using it with K9 on Android successfully.
Btw: 2FA is not required on each mail fetch or sending. Only once during App password creation.
PS. Just configured the same Gmail account on a fresh Thunderbird 91.5 on Ubuntu 20.04 with using the App password for email. No issues. (There were additionally web popup windows from Thunderbird asking for the Gmail account password via a Google authentication mask. They concered calendar and contact access which I ignored/closed).
Thunderbird is supporting OAuth 2.0 since Version 38. There are at a version number exceeding 90 right now . I configured manually the server adresses, ports and using Normal Password to use the generated App password instead of the OAuth 2.0 method.
Only when using TOTP. Push-based 2FA like the challenge or question type I described require a named device as Google, Microsoft er cetera will ask on which device to notify you. Hence the arbitrary limit.
Yesterday I configured my Gmail account on K-9 using the same 16 digit App password on my android mobile and android tablet. Both are working well. I use the same Gmail account in Thunderbird using OAuth2 and the account is setup via IMAP on all three devices.
Obviously, the best solution is to have OAuth2 implemented, so hopefully this can be done soon.
I am sorry, but I remain confused. Having used my Google Account settings to set up an app password, K9 does not prompt me for that password. Instead, when I try to send mail from my Gmail account, using K9, K9 closes, without any obvious error message (perhaps because I have set K9 notifications to ‘silent’). But if I look at my notifications, I do see an Android notification that says:
Failed to send some messages
Could not find a valid MX or A record for domain gmail.com.
I am getting pretty sick of this problem. K9 needs to provide, somewhere, intelligible and concise instructions, which work. (Part of the problem, admittedly, is that Google’s own instructions are dire.)
Just now I tried the following. I deleted my Gmail account - deleted it from K9 - and then recreate it. No dice: when trying to recreate the account (the account-within-k9), I got an error message saying . . an app-specific password was required.
I note finally that two of emails that I was trying to send via Gmail seem to have evaporated entirely. One was shown in my Gmail outbox (which is the only ‘folder’ within Gmail that K9 enables me to see).
It (also) sounds like you haven’t fully/correctly set up the gmail account in K9.
K9 doesn’t “prompt” you for a password. When you add an account there is an initial account setup screen where you can enter your account and password. If you enter “yourusername@gmail.com” and a (in that context) google app-password, and select “next”, K9 will do some automatic setup. However, if the information is handy, it’s often just easier to select the “manual setup”. You will need to select IMAP or POP (the automatic setup assumes IMAP) and will then be presented with a configuration screen. The necessary gmail bits are included under “Step 2” on the link in the previous post.
Until your gmail account is fully set up (including id/pw that will let you log into your gmail account) you won’t see any remote (gmail) account detail/“folders”.
OK, I got it working. Here is how. I found that after a while K9/Google would accept as the password for my incoming Gmail my app-specific password and only that password. So I used that password for my incoming Gmail. I had that app-specific password setup for my outgoing gmail already.
So here are instructions, which work and which are reasonably full, for how to get Gmail to work on k9.
(1) On the web, (1.1) sign into your Google account and (1.2) find therein the link that says ‘security’ and click that link. Find the heading marked ‘Signing into Google’. (1.3) Under that heading, find the mention of ‘app-specific passwords’. Create a password of that type. In so doing, I don’t think it matters what one puts under ‘app’ and under ‘device’. (Google’s procedure for setting up an app-specific password will prompt you for values for those.) But you might as well select (from the drop-downs) or enter (using ‘custom’ from the drop-down) whatever is closest to reality. (1.4) Take a copy, in one form of another, of the app-specific password (and note that the spaces in it are merely cosmetic i.e. are not actually part of the password).
(2) If you have no gmail account registered with k9, create one and in so doing ensure that you do the following. If you have a gmail account registered with k9 already, then edit the settings for that account such that they accord with the following. Use your app-specific password for both (2.1) your ‘incoming’ password and (2.2) your ‘outgoing’ password.
GMAIL will make compulsory to use their specific identifcation security protocol. So that K9 mail will no longer support GMAIL. I had to switch to another e-mail client. Hoping to be able to come back to K9 mail soon, But this can happen only if K9 mail supports this protocol.
Wrong. Google’s help page explicitly states that you can use app passwords. K-9 Mail will continue working. You can just no longer use your account’s main password, as that is considered insecure.
The recent replies in this thread are just people re-stating the same, wrong text again and again without having read the other replies. I will now close this thread, hoping that users at least read this message before posting.
