GMail to terminate access from "less secure" apps

[Controls Guy]

According to the attached, GMail is terminating access to devices that use only a username and password for login as of September 30.   This is the approach I'm currently using for sending emails from BRX.

• I'm not sure what PC programs or 'more secure' clients are doing that's different.   In TBird, for example, I don't give it any more information than I put into the BRX, yet it's not considered 'less secure'.
• If I'm correct that this will render BRX mute after 9/30, are there still email services that will work with BRX, or alternately, could BRX email be upgraded in that time frame to use this security?

[BobO]

According to the attached, GMail is terminating access to devices that use only a username and password for login as of September 30.   This is the approach I'm currently using for sending emails from BRX.

• I'm not sure what PC programs or 'more secure' clients are doing that's different.   In TBird, for example, I don't give it any more information than I put into the BRX, yet it's not considered 'less secure'.
• If I'm correct that this will render BRX mute after 9/30, are there still email services that will work with BRX, or alternately, could BRX email be upgraded in that time frame to use this security?

I have no idea what it would take to upgrade.

Right this moment I am eyeballs deep in EIP scanner. Given the restlessness of those who have waited patiently for as long as they have, I will not be allowing my attention to get diverted until it's shipped.

I find it hard to believe that there won't continue to be services that will work, or barring that, some form of gateway/relay app/service. The difficulties of sending email from embedded systems aren't going away any time soon.

[Controls Guy]

Yeah, exactly.   There's a lot of devices out there that only use username + password.

[franji1]

How does google's "app specific passwords" work?  Supposedly, this is a special password (not your google password) that embedded devices can use, and from what I read is an option after September 30?

Not sure if it's a one-time 2 Factor Authentication to set it up, or if it's EVERY time you try to access it.

I have no clue - just trying to understand.

[Controls Guy]

Me too.  I remember when I originally created my app passwords used with BRX, it seems like GMail used the term somewhat interchangeably with "less secure" device access.   Also, the notice says "less secure" and also "or devices that have you sign in with only your username and password" so maybe two different things or maybe the second is the definition of the first, I can't tell.  Either way, it sounds as if app specific passwords would fall into the second category, which is part of what's being banned.

Edit: finally, when you follow Google's instructions on creating a new app password, the link to do so doesn't appear for me on the specified page, so that maybe suggests that's part of what's going away.

[MAEdwards]

See if this helps.

Question: Why am I no longer receiving Gmail from C-more, Productivity or Do-more devices?

Answer: After May 30, 2022 Google will no longer support 3rd party apps or devices which ask you to sign in to your Google account using only your user name and password.

There are 3 steps needed to continue device access to Gmail.

Enable two-step verification (2SV) for your Google account.
Generate an application specific password for your device using your Google account.
Change your device settings to use the application specific password.[/li][/list]

Notes:
See attached .pdf for example device configurations.
Application specific passwords are not available unless 2SV is enabled.
The application specific password is a 16 character string that will be used on your device in place of your Google account login password.

[Bolt]

I've been using Brevo on more than a handful of BRX's for 2.5 years now, it has been so much better than Gmail. I've never looked back.

[Controls Guy]

See if this helps.

Question: Why am I no longer receiving Gmail from C-more, Productivity or Do-more devices?

Answer: After May 30, 2022 Google will no longer support 3rd party apps or devices which ask you to sign in to your Google account using only your user name and password.

There are 3 steps needed to continue device access to Gmail.

Enable two-step verification (2SV) for your Google account.
Generate an application specific password for your device using your Google account.
Change your device settings to use the application specific password.[/li][/list]

Thanks!  I'm aware of the 5/2022 deadline and the steps listed are what I am doing now.  I'm assuming that either the policy change was postponed from 5/2022 to 9/2024 or something was done then and this is something different.   In either case, it seems like 9/24 is expected to be more restrictive than whatever happened or didn't happen in 5/22, so I don't know if this is going to do the trick or not.   I discussed it with my partner and he's got some Idec's working on Yahoo, so I created an account there and there's no indication they plan to discontinue this, so hopefully that's the solution.   I'm also going to check out Brevo like Bolt is recommending.

[Controls Guy]

I've been using Brevo on more than a handful of BRX's for 2.5 years now, it has been so much better than Gmail. I've never looked back.

Thanks!  I looked briefly and couldn't tell if they do the LSA username/password combo or if it's something you have to do via HTTP.   They mention an API, which I assume is implemented via HTTP.    Do you mind saying how you've got it working in BRX, un/pw, or HTTP?

[Bolt]

Thanks!  I looked briefly and couldn't tell if they do the LSA username/password combo or if it's something you have to do via HTTP.   They mention an API, which I assume is implemented via HTTP.    Do you mind saying how you've got it working in BRX, un/pw, or HTTP?

Just a username/password through the Device Setup and regular EMAIL instructions in ladder logic.

[Controls Guy]

Thanks, Bolt! 

[Bolt]

BobO/franj1, would it be possible to expand the SMTP password field's max length? It's currently 19, but when entering a 90 character password, it does allow for a successful Test settings to be accomplished. But upon clicking OK, it tells me Authentication Password cannot exceed 19 characters. And of course DEVWRITE can't cram a longer password in there either. Just wondering if it's feasible at all or not.

[Controls Guy]

Update on this:

A bunch of my sites stopped working on May 20, 2024.   I was under the impression that May 20 was from a 2022 deadline and that the one for this year was September 30 like the screenshot I posted.

Getting ready for September, I checked Yahoo and saw nothing that indicated they were going to stop doing LSD.    I created an account for use by BRX, but they won't enable app passwords for a brand new account.   I saw advice online about logging into the account consistently for a couple days and then you'd be able to create the LSD password, but that didn't work for me initially.  It took about two weeks and then they finally allowed it maybe 10 days ago.   I was bench testing sending with BRX from the Yahoo account when GMail stopped working on the 21st.

I've currently converted about 20 sites to the Yahoo account and most are working.   Not sure what the issue is with the ones that don't, still looking into it.   Also not sure why there were a couple of units for which GMail still worked after the 21st.

Anyway, if this is affecting anyone else, wanted to let you know what alternatives have been checked out and at least sort of working.

[Bolt]

Similarly, the morning of May 21 a had a BRX that sent its last email. It was the only site I still had on Gmail. For this site I elected to create their own Brevo account, as I didn't need the volume going through my own account. While I have it working now, It wasn't as easy as my other sites were. Along the way, I thought it might be useful to create site specific SMTP keys, instead of using the same master password for all. However, that creates a 90 character password, which is how my question came up earlier. So, back to using the same shorter password for all. Not sure why the master password is shorter than the device specific, but hey, it works again.

[BobO]

We increased the password to 64 characters back some time ago, but not to 90. It's already a bit of a mess managing the 3 different versions of config that currently exist, so we're not excited about touching it again, but I suppose it's possible.