[NJTechDiv] FW: [NFBCS] FW: multi factor authentication

carcione at access.net carcione at access.net
Sat Jul 13 19:47:55 UTC 2024 

Mario, here is a detailed answer from the CS list.
Tracy


-----Original Message-----
From: NFBCS <nfbcs-bounces at nfbnet.org> On Behalf Of Steve Jacobson via NFBCS
Sent: Saturday, July 13, 2024 3:43 PM
To: NFB in Computer Science Mailing List <nfbcs at nfbnet.org>
Cc: Steve Jacobson <steve.jacobson at outlook.com>
Subject: Re: [NFBCS] FW: [NJTechDiv] multi factor authentication

Maybe this is obvious, but OAUTH2 is a protocol that has been used by GMAIL for a year or more now.  It is not the same as two-factor authorization.  For email clients that support it, an app-specific password is not required for GMail.  However, the process to make this work can be confusing.  I am assuming that HotMail is asking that OAUTH2 be used from the note that has been forwarded.

First, the email client being used has to support OAUTH2.  I would think this would be supported by Thunderbird, but if an old version is being used, it may not have this support.  This needs to be checked and Thunderbird might need to be updated to get OAUTH2 support.  I am not a Thunderbird user, so I do not know if or when such support was added.  >From the email that was forwarded, though, it almost sounds as though the user's version of Thunderbird is supporting OAUTH2 but that is not  handling something correctly.  Again, it might be necessary to upgrade to the latest version.

Second, what happened when I used this protocol for Gmail was that  I was routed to the Gmail log in page when I connected for the first time.  I had to enter my user-id and password, and I may have had to acknowledge I was establishing an OAUTH2 connection with my email client.  If the page one is connected to requires two-factor authorization, one might have to deal with that to establish the connection for the first time.  To be clear, if one is using Thunderbird to connect to HotMail, one should get connected to the Hotmail web page.  When this is done once, the email client should connect as usual without you needing to do this again.  There may be cases that credentials are requested again, but this doesn't happen often.  From the email that was forwarded, it doesn't sound like the user is getting automatically connected to the HotMail page that needs to happen to create the HotMail connection the first time.  Make sure that a web page isn't opening in a separate window.  One could easily think something opened by accident and close the window, not realizing the process was being cancelled.  Also, I have found that this process can time out if one doesn't act quickly enough.  Be sure the newer address given still supports POP.  Also, I don't know how Thunderbird knows when to make OAUTH2 available as a choice, but I wonder if some incorrect assumptions are being made since this is a new process.  I also didn't think I had to authenticate for both the receiving and sending server, but this could be handled differently depending upon the email program.

I am not an expert in this area but hope the above is of some help.

Best regards,

Steve Jacobson

-----Original Message-----
From: NFBCS <nfbcs-bounces at nfbnet.org> On Behalf Of Nancy Coffman via NFBCS
Sent: Saturday, July 13, 2024 1:53 PM
To: NFB in Computer Science Mailing List <nfbcs at nfbnet.org>
Cc: Nancy Coffman <nancy.l.coffman at gmail.com>
Subject: Re: [NFBCS] FW: [NJTechDiv] multi factor authentication

gongle also has a setting called "allow less secure apps". You may need to check for something like that. The Microsoft Disability Answer Desk may be able to help.
Nancy Coffman

> On Jul 13, 2024, at 10:41 AM, Curtis Chong via NFBCS <nfbcs at nfbnet.org> wrote:
>
> Hello:
>
> I think we all need more information. I reached out to Mario asking to 
> see the original email sent by Microsoft. Somehow, I don't think this 
> is as simple as simply turning on two-factor authentication. Google 
> has been on this path for quite a few years now, and for legacy 
> applications, it forces you to create what it calls an app-specific 
> password. Verizon.net also forces creation of an app-specific 
> password. I am wondering of Microsoft is doing the same with Hotmail.
>
> Cordially,
>
> Curtis Chong
>
>
> -----Original Message-----
> From: NFBCS <nfbcs-bounces at nfbnet.org> On Behalf Of Tracy Carcione via 
> NFBCS
> Sent: Saturday, July 13, 2024 6:16 AM
> To: 'NFB in Computer Science Mailing List' <nfbcs at nfbnet.org>
> Cc: carcione at access.net
> Subject: [NFBCS] FW: [NJTechDiv] multi factor authentication
>
> A person in our New Jersey Technology committee is having trouble 
> adding 2-factor authentication to his Hotmail account, which Microsoft 
> says he must do.  He is using Thunderbird for email.
> His message is below.  Can anyone help?
> You can write him directly at
> Mario Brusco <mrb620 at hotmail.com>
> Or I can pass on messages.
> Thanks.
> Tracy
>
>
> -----Original Message-----
> From: NJTechDiv <njtechdiv-bounces at nfbnet.org> On Behalf Of Mario 
> Brusco via NJTechDiv
> Sent: Friday, July 12, 2024 4:17 PM
> To: njtechdiv at nfbnet.org
> Cc: Mario Brusco <mrb620 at hotmail.com>
> Subject: [NJTechDiv] multi factor authentication
>
> On July 3, I received an email from Microsoft notifying me that it 
> would be necessary for me to update the sign-in technology of my 
> Hotmail account before September 16th, 2024 to maintain email access.
>
> Since I use Thunderbird with my Hotmail account using POP:
>
> Basically, what I need to do is to change the authentication method of 
> the POP and SMTP server to use OAuth2. It seems to be straight 
> forward, but I'm finding that it's not.
>
> The instructions specify that the address for the POP server should be 
> outlook.office365.com, but immediately I receive an error that a login 
> to office365.com cannot be completed, and therefore I cannot continue 
> with the rest of the instructions. If I leave the address as 
> POP-mail.outlook.com, I can then choose OAuth2 for the authentication 
> method, and continue with the rest of the instructions.
>
> Now, the SMTP server should be SMTP-mail.outlook.com, but there is no 
> choice of OAuth2 for authentication. However if I change the address 
> to SMTP.office365.com, I can choose OAuth2 for the authentication, but 
> when I press the OK button, I receive an error that the login to 
> smtp.office365.com cannot be completed.
>
> The resource that started this mess is:
>
> https://support.mozilla.org/en-US/kb/microsoft-oauth-authentication-an
> d-thun derbird-202#w_changes-to-authentication
>
> I would appreciate any help as to what the server addresses and other 
> settings if warranted should be. I'd like to get this done as soon as 
> possible so retrieving and sending email from me continues after 9/16/24.
>
> _______________________________________________
> NJTechDiv mailing list
> NJTechDiv at nfbnet.org
> http://nfbnet.org/mailman/listinfo/njtechdiv_nfbnet.org
> To unsubscribe, change your list options or get your account info for
> NJTechDiv:
> http://nfbnet.org/mailman/options/njtechdiv_nfbnet.org/carcione%40acce
> ss.net
>
>
> _______________________________________________
> NFBCS mailing list
> NFBCS at nfbnet.org
> http://nfbnet.org/mailman/listinfo/nfbcs_nfbnet.org
> To unsubscribe, change your list options or get your account info for NFBCS:
> http://nfbnet.org/mailman/options/nfbcs_nfbnet.org/chong.curtis%40gmai
> l.com
>
>
> _______________________________________________
> NFBCS mailing list
> NFBCS at nfbnet.org
> http://nfbnet.org/mailman/listinfo/nfbcs_nfbnet.org
> To unsubscribe, change your list options or get your account info for NFBCS:
> http://nfbnet.org/mailman/options/nfbcs_nfbnet.org/nancy.l.coffman%40g
> mail.com

_______________________________________________
NFBCS mailing list
NFBCS at nfbnet.org
http://nfbnet.org/mailman/listinfo/nfbcs_nfbnet.org
To unsubscribe, change your list options or get your account info for NFBCS:
http://nfbnet.org/mailman/options/nfbcs_nfbnet.org/steve.jacobson%40outlook.com
_______________________________________________
NFBCS mailing list
NFBCS at nfbnet.org
http://nfbnet.org/mailman/listinfo/nfbcs_nfbnet.org
To unsubscribe, change your list options or get your account info for NFBCS:
http://nfbnet.org/mailman/options/nfbcs_nfbnet.org/carcione%40access.net

More information about the NJTechDiv mailing list