XSF Discussion - 2022-05-18


  1. moparisthebest

    Google and "open standards" (say goodbye to Gmail) http://www.pmail.com/newsflash.htm

  2. MattJ

    moparisthebest: their communications are hazy as usual, but as far as I can tell this is the official doc about this change: https://support.google.com/accounts/answer/6010255?hl=en

  3. MattJ

    From reading that, I take away two things: 1) what they call "less secure app access" can be turned back on by the user, 2) application-specific passwords continue to be supported

  4. MattJ

    And frankly, everyone should be using app-specific passwords if they aren't already using a better alternative

  5. MattJ

    It's very unfortunate that OAuth2, which is essentially a convenient protocol for automatically obtaining app-specific passwords, can also allow the service provider to gate access in this way (due to needing to register client apps with the service provider)