[NJTechDiv] FW: [NFBCS] FW: multi factor authentication

Sat Jul 13 20:35:20 UTC 2024

Tracy, my issue is not about establishing and using multi factor 
authentication (MFA), I just forgot to change the subject to a more 
appropriate subject to reflect my real issue.

And received a response from Curtis Chong, and have been discussing my 
issue a bit.

-------- Original Message --------
From: Tracy Carcione via NJTechDiv [mailto:njtechdiv at nfbnet.org]
Sent: Saturday, July 13, 2024 at 3:47 PM
To: 'New Jersey Technology Division List' <njtechdiv at nfbnet.org>
Cc: carcione at access.net
Subject: [NJTechDiv] FW: [NFBCS] FW:  multi factor authentication
Mario, here is a detailed answer from the CS list.
Tracy

-----Original Message-----
From: NFBCS <nfbcs-bounces at nfbnet.org> On Behalf Of Steve Jacobson via NFBCS
Sent: Saturday, July 13, 2024 3:43 PM
To: NFB in Computer Science Mailing List <nfbcs at nfbnet.org>
Cc: Steve Jacobson <steve.jacobson at outlook.com>
Subject: Re: [NFBCS] FW: [NJTechDiv] multi factor authentication

Maybe this is obvious, but OAUTH2 is a protocol that has been used by 
GMAIL for a year or more now.  It is not the same as two-factor 
authorization.  For email clients that support it, an app-specific 
password is not required for GMail.  However, the process to make this 
work can be confusing.  I am assuming that HotMail is asking that OAUTH2 
be used from the note that has been forwarded.

First, the email client being used has to support OAUTH2.  I would think 
this would be supported by Thunderbird, but if an old version is being 
used, it may not have this support.  This needs to be checked and 
Thunderbird might need to be updated to get OAUTH2 support.  I am not a 
Thunderbird user, so I do not know if or when such support was added. 
 From the email that was forwarded, though, it almost sounds as though 
the user's version of Thunderbird is supporting OAUTH2 but that is not 
handling something correctly.  Again, it might be necessary to upgrade 
to the latest version.

Second, what happened when I used this protocol for Gmail was that  I 
was routed to the Gmail log in page when I connected for the first time. 
  I had to enter my user-id and password, and I may have had to 
acknowledge I was establishing an OAUTH2 connection with my email 
client.  If the page one is connected to requires two-factor 
authorization, one might have to deal with that to establish the 
connection for the first time.  To be clear, if one is using Thunderbird 
to connect to HotMail, one should get connected to the Hotmail web page. 
  When this is done once, the email client should connect as usual 
without you needing to do this again.  There may be cases that 
credentials are requested again, but this doesn't happen often.  From 
the email that was forwarded, it doesn't sound like the user is getting 
automatically connected to the HotMail page that needs to happen to 
create the HotMail connection the first time.  Make sure that a web page 
isn't opening in a separate window.  One could easily think something 
opened by accident and close the window, not realizing the process was 
being cancelled.  Also, I have found that this process can time out if 
one doesn't act quickly enough.  Be sure the newer address given still 
supports POP.  Also, I don't know how Thunderbird knows when to make 
OAUTH2 available as a choice, but I wonder if some incorrect assumptions 
are being made since this is a new process.  I also didn't think I had 
to authenticate for both the receiving and sending server, but this 
could be handled differently depending upon the email program.

I am not an expert in this area but hope the above is of some help.

Best regards,

Steve Jacobson

-----Original Message-----
From: NFBCS <nfbcs-bounces at nfbnet.org> On Behalf Of Nancy Coffman via NFBCS
Sent: Saturday, July 13, 2024 1:53 PM
To: NFB in Computer Science Mailing List <nfbcs at nfbnet.org>
Cc: Nancy Coffman <nancy.l.coffman at gmail.com>
Subject: Re: [NFBCS] FW: [NJTechDiv] multi factor authentication

gongle also has a setting called "allow less secure apps". You may need 
to check for something like that. The Microsoft Disability Answer Desk 
may be able to help.
Nancy Coffman

On Jul 13, 2024, at 10:41 AM, Curtis Chong via NFBCS <nfbcs at nfbnet.org> 
wrote:

Hello:

I think we all need more information. I reached out to Mario asking to
see the original email sent by Microsoft. Somehow, I don't think this
is as simple as simply turning on two-factor authentication. Google
has been on this path for quite a few years now, and for legacy
applications, it forces you to create what it calls an app-specific
password. Verizon.net also forces creation of an app-specific
password. I am wondering of Microsoft is doing the same with Hotmail.

Cordially,

Curtis Chong

-----Original Message-----
From: NFBCS <nfbcs-bounces at nfbnet.org> On Behalf Of Tracy Carcione via
NFBCS
Sent: Saturday, July 13, 2024 6:16 AM
To: 'NFB in Computer Science Mailing List' <nfbcs at nfbnet.org>
Cc: carcione at access.net
Subject: [NFBCS] FW: [NJTechDiv] multi factor authentication

A person in our New Jersey Technology committee is having trouble
adding 2-factor authentication to his Hotmail account, which Microsoft
says he must do.  He is using Thunderbird for email.
His message is below.  Can anyone help?
You can write him directly at
Mario Brusco <mrb620 at hotmail.com>
Or I can pass on messages.
Thanks.
Tracy

-----Original Message-----
From: NJTechDiv <njtechdiv-bounces at nfbnet.org> On Behalf Of Mario
Brusco via NJTechDiv
Sent: Friday, July 12, 2024 4:17 PM
To: njtechdiv at nfbnet.org
Cc: Mario Brusco <mrb620 at hotmail.com>
Subject: [NJTechDiv] multi factor authentication

On July 3, I received an email from Microsoft notifying me that it
would be necessary for me to update the sign-in technology of my
Hotmail account before September 16th, 2024 to maintain email access.

Since I use Thunderbird with my Hotmail account using POP:

Basically, what I need to do is to change the authentication method of
the POP and SMTP server to use OAuth2. It seems to be straight
forward, but I'm finding that it's not.

The instructions specify that the address for the POP server should be
outlook.office365.com, but immediately I receive an error that a login
to office365.com cannot be completed, and therefore I cannot continue
with the rest of the instructions. If I leave the address as
POP-mail.outlook.com, I can then choose OAuth2 for the authentication
method, and continue with the rest of the instructions.

Now, the SMTP server should be SMTP-mail.outlook.com, but there is no
choice of OAuth2 for authentication. However if I change the address
to SMTP.office365.com, I can choose OAuth2 for the authentication, but
when I press the OK button, I receive an error that the login to
smtp.office365.com cannot be completed.

The resource that started this mess is:

https://support.mozilla.org/en-US/kb/microsoft-oauth-authentication-an
d-thun derbird-202#w_changes-to-authentication

I would appreciate any help as to what the server addresses and other
settings if warranted should be. I'd like to get this done as soon as
possible so retrieving and sending email from me continues after 9/16/24.

_______________________________________________
NJTechDiv mailing list
NJTechDiv at nfbnet.org
http://nfbnet.org/mailman/listinfo/njtechdiv_nfbnet.org
To unsubscribe, change your list options or get your account info for
NJTechDiv:
http://nfbnet.org/mailman/options/njtechdiv_nfbnet.org/carcione%40acce
ss.net

_______________________________________________
NFBCS mailing list
NFBCS at nfbnet.org
http://nfbnet.org/mailman/listinfo/nfbcs_nfbnet.org
To unsubscribe, change your list options or get your account info for NFBCS:
http://nfbnet.org/mailman/options/nfbcs_nfbnet.org/chong.curtis%40gmai
l.com

_______________________________________________
NFBCS mailing list
NFBCS at nfbnet.org
http://nfbnet.org/mailman/listinfo/nfbcs_nfbnet.org
To unsubscribe, change your list options or get your account info for NFBCS:
http://nfbnet.org/mailman/options/nfbcs_nfbnet.org/nancy.l.coffman%40g
mail.com

_______________________________________________
NFBCS mailing list
NFBCS at nfbnet.org
http://nfbnet.org/mailman/listinfo/nfbcs_nfbnet.org
To unsubscribe, change your list options or get your account info for NFBCS:
http://nfbnet.org/mailman/options/nfbcs_nfbnet.org/steve.jacobson%40outlook.com
_______________________________________________
NFBCS mailing list
NFBCS at nfbnet.org
http://nfbnet.org/mailman/listinfo/nfbcs_nfbnet.org
To unsubscribe, change your list options or get your account info for NFBCS:
http://nfbnet.org/mailman/options/nfbcs_nfbnet.org/carcione%40access.net

_______________________________________________
NJTechDiv mailing list
NJTechDiv at nfbnet.org
http://nfbnet.org/mailman/listinfo/njtechdiv_nfbnet.org
To unsubscribe, change your list options or get your account info for 
NJTechDiv:
http://nfbnet.org/mailman/options/njtechdiv_nfbnet.org/mrb620%40hotmail.com