Got a credit card? use our Credit Card & Finance Calculators
Thanks to gpadsa,Steffers0,lansdown,Wasron,jfgw, for Donating to support the site
Gmail and two factor authentification
-
- Lemon Half
- Posts: 6069
- Joined: November 5th, 2016, 9:05 am
- Has thanked: 20 times
- Been thanked: 1419 times
Gmail and two factor authentification
I have had an email from Google saying they are implenting two factor authentication in the near future.
Unless they make a single authentication last a month or more that's going to make using gmail extremely annoying very quickly. Having upgraded to a new computer with Windows 11, it's nice that gmail automically syncs so there's no gruesome process of transferring data, but Mail for Windows can be a horror when you aren't used to it.
Unless they make a single authentication last a month or more that's going to make using gmail extremely annoying very quickly. Having upgraded to a new computer with Windows 11, it's nice that gmail automically syncs so there's no gruesome process of transferring data, but Mail for Windows can be a horror when you aren't used to it.
-
- Lemon Quarter
- Posts: 4502
- Joined: November 4th, 2016, 2:25 pm
- Has thanked: 649 times
- Been thanked: 1275 times
Re: Gmail and two factor authentification
I've been using 2FA with Gmail for ages and (touch wood) the only time it ever really bothers me is if I try and access from a new client device, for which you'll get an alert.
AFAIK all that's happening is they are forcing 2FA to be used - not upping the ante in terms of making it more awkward to use.
Same with Microsoft/Outlook.live.com. and other MS or linked API services.
Authenticator can generate offline access codes (when needed) so will still work without a mobile/Wi-Fi signal.
AFAIK all that's happening is they are forcing 2FA to be used - not upping the ante in terms of making it more awkward to use.
Same with Microsoft/Outlook.live.com. and other MS or linked API services.
Authenticator can generate offline access codes (when needed) so will still work without a mobile/Wi-Fi signal.
-
- Lemon Slice
- Posts: 778
- Joined: November 4th, 2016, 7:18 am
- Has thanked: 211 times
- Been thanked: 491 times
Re: Gmail and two factor authentification
If you have Gmail set up in outlook or something, you don't have to use 2fa every time for this. It's not as intrusive as you fear, and less intrusive than having your account hacked into.
-
- Lemon Half
- Posts: 6069
- Joined: November 5th, 2016, 9:05 am
- Has thanked: 20 times
- Been thanked: 1419 times
Re: Gmail and two factor authentification
Midsmartin wrote:If you have Gmail set up in outlook or something, you don't have to use 2fa every time for this.
There are contradictory statements. The email announcing 2FA doesn't caveat it by saying it only applies when using a new device. Elsewhare that caveat is stated. I've already noticed that despite being the same machine, Google will complain when I'm using a hotel wifi rather than the home connection.
-
- Lemon Slice
- Posts: 778
- Joined: November 4th, 2016, 7:18 am
- Has thanked: 211 times
- Been thanked: 491 times
Re: Gmail and two factor authentification
Alaric wrote:Midsmartin wrote:If you have Gmail set up in outlook or something, you don't have to use 2fa every time for this.
There are contradictory statements. The email announcing 2FA doesn't caveat it by saying it only applies when using a new device. Elsewhare that caveat is stated. I've already noticed that despite being the same machine, Google will complain when I'm using a hotel wifi rather than the home connection.
I'm assuming it works the same way as office365 2fa. You have to use the second factor when you first configure outlook on your desktop, but it does not ask you every time you open outlook. In some cases you need to use an "app password",a generated password that only works for one application..a bit of a bypass of 2fa.
-
- The full Lemon
- Posts: 19022
- Joined: November 4th, 2016, 3:58 pm
- Has thanked: 642 times
- Been thanked: 6741 times
Re: Gmail and two factor authentification
Alaric wrote:I have had an email from Google saying they are implenting two factor authentication in the near future.
Unless they make a single authentication last a month or more that's going to make using gmail extremely annoying very quickly. Having upgraded to a new computer with Windows 11, it's nice that gmail automically syncs so there's no gruesome process of transferring data, but Mail for Windows can be a horror when you aren't used to it.
Yeah, I can see the value of 2FA for my financial accounts. But for email?
I already have issues accessing email if I suddenly materalise in another country, as I do quite often, and this will just make that worse, not least because my designated phone may not work in the location I am in.
At least give me the option to opt out of the extra security.
-
- Lemon Quarter
- Posts: 4502
- Joined: November 4th, 2016, 2:25 pm
- Has thanked: 649 times
- Been thanked: 1275 times
Re: Gmail and two factor authentification
Alaric wrote:Midsmartin wrote:If you have Gmail set up in outlook or something, you don't have to use 2fa every time for this.
There are contradictory statements. The email announcing 2FA doesn't caveat it by saying it only applies when using a new device. Elsewhare that caveat is stated. I've already noticed that despite being the same machine, Google will complain when I'm using a hotel wifi rather than the home connection.
Hotel WiFi is notoriously flaky from a security perspective - so that may be a separate Google alert issue!
There have also been quite a few successful database breaches and ransomware attacks on hotel chains - if you can use a 4/5G mobile phone wifi hotspot do so.
If not try a VPN, but again that might cause issues with Google/Gmail off the bat. Split tunnel VPN should help there so you can bypass if needs be.
Last edited by Infrasonic on December 7th, 2021, 9:20 pm, edited 1 time in total.
-
- Lemon Quarter
- Posts: 2484
- Joined: November 18th, 2021, 11:57 am
- Has thanked: 2003 times
- Been thanked: 1213 times
Re: Gmail and two factor authentification
I think the key thing here is that your Gmail password is the password to everything that the Google environment offers you. Whether you are using them or not. There is far more at stake here than access to a Gmail account. I advise everyone to implement 2FA for their Google (gmail) account.
-
- The full Lemon
- Posts: 19022
- Joined: November 4th, 2016, 3:58 pm
- Has thanked: 642 times
- Been thanked: 6741 times
Re: Gmail and two factor authentification
Infrasonic wrote:Alaric wrote:Midsmartin wrote:If you have Gmail set up in outlook or something, you don't have to use 2fa every time for this.
There are contradictory statements. The email announcing 2FA doesn't caveat it by saying it only applies when using a new device. Elsewhare that caveat is stated. I've already noticed that despite being the same machine, Google will complain when I'm using a hotel wifi rather than the home connection.
Hotel WiFi is notoriously flaky from a security perspective - so that may be a separate Google alert issue!
There have also been quite a few successful database breaches and ransomware attacks on hotel chains - if you can use a 4/5G mobile phone wifi hotspot do so.
If not try a VPN, but again that might cause issues with Google/Gmail off the bat. Split tunnel VPN should help there so you can bypass if needs be.
But why should I have to jump through all those hoops? At minimum it should be optional.
-
- Lemon Quarter
- Posts: 4502
- Joined: November 4th, 2016, 2:25 pm
- Has thanked: 649 times
- Been thanked: 1275 times
Re: Gmail and two factor authentification
Lootman wrote:Infrasonic wrote:Alaric wrote:There are contradictory statements. The email announcing 2FA doesn't caveat it by saying it only applies when using a new device. Elsewhare that caveat is stated. I've already noticed that despite being the same machine, Google will complain when I'm using a hotel wifi rather than the home connection.
Hotel WiFi is notoriously flaky from a security perspective - so that may be a separate Google alert issue!
There have also been quite a few successful database breaches and ransomware attacks on hotel chains - if you can use a 4/5G mobile phone wifi hotspot do so.
If not try a VPN, but again that might cause issues with Google/Gmail off the bat. Split tunnel VPN should help there so you can bypass if needs be.
But why should I have to jump through all those hoops? At minimum it should be optional.
Because there are liability issues and loads of data beaches - stupid people do stupid things all the time and I suppose Google and the other big corps. have got to the stage where they are limiting their legal liability by enforcing 2FA.
I was resistant for ages as 2FA was a PITA in the early days - I tried it and backed out. My recent experiences have been fine though and I'm slowly working my way through various accounts turning 2FA on. No issues whatsoever (so far...).
-
- The full Lemon
- Posts: 19022
- Joined: November 4th, 2016, 3:58 pm
- Has thanked: 642 times
- Been thanked: 6741 times
Re: Gmail and two factor authentification
Infrasonic wrote:Lootman wrote:Infrasonic wrote:Hotel WiFi is notoriously flaky from a security perspective - so that may be a separate Google alert issue!
There have also been quite a few successful database breaches and ransomware attacks on hotel chains - if you can use a 4/5G mobile phone wifi hotspot do so.
If not try a VPN, but again that might cause issues with Google/Gmail off the bat. Split tunnel VPN should help there so you can bypass if needs be.
But why should I have to jump through all those hoops? At minimum it should be optional.
Because there are liability issues and loads of data beaches - stupid people do stupid things all the time and I suppose Google and the other big corps. have got to the stage where they are limiting their legal liability by enforcing 2FA.
I was resistant for ages as 2FA was a PITA in the early days - I tried it and backed out. My recent experiences have been fine though and I'm slowly working my way through various accounts turning 2FA on. No issues whatsoever (so far...).
Like you I have come around to the value of 2FA when it comes to financial accounts.
But email?
-
- Lemon Quarter
- Posts: 4502
- Joined: November 4th, 2016, 2:25 pm
- Has thanked: 649 times
- Been thanked: 1275 times
Re: Gmail and two factor authentification
Lootman wrote:Infrasonic wrote:Lootman wrote:But why should I have to jump through all those hoops? At minimum it should be optional.
Because there are liability issues and loads of data beaches - stupid people do stupid things all the time and I suppose Google and the other big corps. have got to the stage where they are limiting their legal liability by enforcing 2FA.
I was resistant for ages as 2FA was a PITA in the early days - I tried it and backed out. My recent experiences have been fine though and I'm slowly working my way through various accounts turning 2FA on. No issues whatsoever (so far...).
Like you I have come around to the value of 2FA when it comes to financial accounts.
But email?
Why do you think spammers jump through so many authentication hoops (SPF/DKIM/ARC) to deliver phishing emails / malware et al? Because it works well enough financially to keep them persisting, despite the might of Google / Microsoft and others trying to stop them.
ID theft can occur over a long period of time as they knit together disparate bits of info garnered from different database sources. Pay attention to how many different entities get successfully hacked and the sensitive personal data that gets exposed if not properly encrypted. I've pointed this out to you before on other threads, nothing has changed there.
-
- The full Lemon
- Posts: 19022
- Joined: November 4th, 2016, 3:58 pm
- Has thanked: 642 times
- Been thanked: 6741 times
Re: Gmail and two factor authentification
Infrasonic wrote:Lootman wrote:Infrasonic wrote:Because there are liability issues and loads of data beaches - stupid people do stupid things all the time and I suppose Google and the other big corps. have got to the stage where they are limiting their legal liability by enforcing 2FA.
I was resistant for ages as 2FA was a PITA in the early days - I tried it and backed out. My recent experiences have been fine though and I'm slowly working my way through various accounts turning 2FA on. No issues whatsoever (so far...).
Like you I have come around to the value of 2FA when it comes to financial accounts.
But email?
Why do you think spammers jump through so many authentication hoops (SPF/DKIM/ARC) to deliver phishing emails / malware et al? Because it works well enough financially to keep them persisting, despite the might of Google / Microsoft and others trying to stop them.
ID theft can occur over a long period of time as they knit together disparate bits of info garnered from different database sources. Pay attention to how many different entities get successfully hacked and the sensitive personal data that gets exposed if not properly encrypted. I've pointed this out to you before on other threads, nothing has changed there.
I keep my personal and financial data in very separate emails from the more general stuff that can do me no harm.
So I draw a distinction between email accounts that can cause me harm and those that cannot. Unless you think me letting my buddy know that I will see him in the pub this Friday night can somehow be used against me.
Give me the choice!!!
-
- Lemon Quarter
- Posts: 4502
- Joined: November 4th, 2016, 2:25 pm
- Has thanked: 649 times
- Been thanked: 1275 times
Re: Gmail and two factor authentification
Lootman wrote:Infrasonic wrote:Lootman wrote:Like you I have come around to the value of 2FA when it comes to financial accounts.
But email?
Why do you think spammers jump through so many authentication hoops (SPF/DKIM/ARC) to deliver phishing emails / malware et al? Because it works well enough financially to keep them persisting, despite the might of Google / Microsoft and others trying to stop them.
ID theft can occur over a long period of time as they knit together disparate bits of info garnered from different database sources. Pay attention to how many different entities get successfully hacked and the sensitive personal data that gets exposed if not properly encrypted. I've pointed this out to you before on other threads, nothing has changed there.
I keep my personal and financial data in very separate emails from the more general stuff that can do me no harm.
So I draw a distinction between email accounts that can cause me harm and those that cannot. Unless you think me letting my buddy know that I will see him in the pub this Friday night can somehow be used against me.
Give me the choice!!!
Unless your sensitive emails are encrypted at source (which requires the receive end to be similarly set up to decrypt them) then having different email accounts makes very little difference - you're effectively sending electronic postcards, not wax sealed letters.
-
- The full Lemon
- Posts: 19022
- Joined: November 4th, 2016, 3:58 pm
- Has thanked: 642 times
- Been thanked: 6741 times
Re: Gmail and two factor authentification
Infrasonic wrote:Lootman wrote:Infrasonic wrote:Why do you think spammers jump through so many authentication hoops (SPF/DKIM/ARC) to deliver phishing emails / malware et al? Because it works well enough financially to keep them persisting, despite the might of Google / Microsoft and others trying to stop them.
ID theft can occur over a long period of time as they knit together disparate bits of info garnered from different database sources. Pay attention to how many different entities get successfully hacked and the sensitive personal data that gets exposed if not properly encrypted. I've pointed this out to you before on other threads, nothing has changed there.
I keep my personal and financial data in very separate emails from the more general stuff that can do me no harm.
So I draw a distinction between email accounts that can cause me harm and those that cannot. Unless you think me letting my buddy know that I will see him in the pub this Friday night can somehow be used against me.
Give me the choice!!!
Unless your sensitive emails are encrypted at source (which requires the receive end to be similarly set up to decrypt them) then having different email accounts makes very little difference - you're effectively sending electronic postcards, not wax sealed letters.
Again, there is a clear distinction between the information contained in the email account I use for financial data and the account I use for personal stuff that cannot do me any harm. I am running out of different ways to explain that to you.
-
- Lemon Half
- Posts: 6069
- Joined: November 5th, 2016, 9:05 am
- Has thanked: 20 times
- Been thanked: 1419 times
Re: Gmail and two factor authentification
BullDog wrote:I think the key thing here is that your Gmail password is the password to everything that the Google environment offers you.
If what you are looking for is a reliable email account, the security of bells and whistkes should not be there to cause grief. I don't suppose the Microsoft rival (something@outlook.com ? ) is any better.
-
- Lemon Quarter
- Posts: 4502
- Joined: November 4th, 2016, 2:25 pm
- Has thanked: 649 times
- Been thanked: 1275 times
Re: Gmail and two factor authentification
Alaric wrote:BullDog wrote:I think the key thing here is that your Gmail password is the password to everything that the Google environment offers you.
If what you are looking for is a reliable email account, the security of bells and whistkes should not be there to cause grief. I don't suppose the Microsoft rival (something@outlook.com ? ) is any better.
I use both free Gmail/Outlook.com with 2FA and both are pain free - I just click 'yes' on the MS authenticator app when it asks if I want to grant access - which is only an 'every time' event when I access my MS account (rarely).
For email access it will only get involved if I change to something like a new client, or need to set up another alias address (that has to be done via the MS account).
I also use the MS authenticator app for my domain mail (Fasthosts) - again it only gets involved when there are changes. I've just logged in to the webmail and it was two clicks. The bookmark and the user/password entry confirmation - exactly the same as before I started using 2FA.
-
- Lemon Half
- Posts: 8436
- Joined: November 8th, 2016, 5:56 am
- Has thanked: 4496 times
- Been thanked: 3627 times
Re: Gmail and two factor authentification
Infrasonic wrote:Alaric wrote:BullDog wrote:I think the key thing here is that your Gmail password is the password to everything that the Google environment offers you.
If what you are looking for is a reliable email account, the security of bells and whistkes should not be there to cause grief. I don't suppose the Microsoft rival (something@outlook.com ? ) is any better.
I use both free Gmail/Outlook.com with 2FA and both are pain free - I just click 'yes' on the MS authenticator app when it asks if I want to grant access - which is only an 'every time' event when I access my MS account (rarely).
For email access it will only get involved if I change to something like a new client, or need to set up another alias address (that has to be done via the MS account).
I also use the MS authenticator app for my domain mail (Fasthosts) - again it only gets involved when there are changes. I've just logged in to the webmail and it was two clicks. The bookmark and the user/password entry confirmation - exactly the same as before I started using 2FA.
it's configurable at an org level by whomever is running your MS email
- i.e. the duration of authentication can be set to expire sooner if need been (or only on changes in things like IP or client)
I think BullDog's point is correct as to why Google are acting the way there are... in that there's no "just email" gmail account
- even enterprise hosted google ones I have come with the full gammut of drive, and SSO login capabilities
- access to one of them even if I am not interested in the resources or data stored therein affords a decent opportunity for identify theft
- sd
-
- Lemon Quarter
- Posts: 4180
- Joined: November 4th, 2016, 9:42 pm
- Has thanked: 1004 times
- Been thanked: 1855 times
Re: Gmail and two factor authentification
Lootman wrote:Yeah, I can see the value of 2FA for my financial accounts. But for email?
There have been countless reports of email accounts being hacked, usually by malware stealing your login cookies so they can be used on another device. 2FA protects against that.
-
- The full Lemon
- Posts: 19022
- Joined: November 4th, 2016, 3:58 pm
- Has thanked: 642 times
- Been thanked: 6741 times
Re: Gmail and two factor authentification
Breelander wrote:Lootman wrote:Yeah, I can see the value of 2FA for my financial accounts. But for email?
There have been countless reports of email accounts being hacked, usually by malware stealing your login cookies so they can be used on another device. 2FA protects against that.
Agreed, but whether or not that matters depends crucially on what I use that email account for. I am suggesting that the user should be allowed to opt in or out of 2FA, rather than have that imposed upon them.
Return to “Technology - Computers, TV, Phones etc.”
Who is online
Users browsing this forum: No registered users and 5 guests