1. Home
  2. Wireless Networking
  3. What OTP settings do you use to log a 3rd-party Android MUA into Google email?

What OTP settings do you use to log a 3rd-party Android MUA into Google email?

What OTP settings do you use to log a 3rd-party Android MUA into Google email (if you don't use OAuth2 and if you don't have a Google Account)?

If you use 2SV/2FA/MSV/MFA OTP apps, what do you put for OTP settings to log into Google email using a 3rd-party MUA (if you don't use OAuth2)?

formatting link
Flocke free andOTP settings
formatting link
Red Hat freeOTP settings

What "Flocke free andOTP settings" do you use for 3rd-party MUAs?

  1. Type = TOTP (available are TOTP, HOTP, MOTP & STEAM)
  2. Issuer = <blank> (editable)
  3. Label = <blank> (editable)
  4. Secret = <blank> (editable)
  5. Tags = <blank> (editable)
  6. Period 30 (editable)
  7. Digits = 6 (editable) *andOTP* Android OTP Authenticator by Jakob Nixdorf no cost, no ads, no gsf, rated 4.3, 100K+ installs
    formatting link

What "Red Hat freeOTP settings" do you use for 3rd-party MUAs? A. Email = <blank> (editable) B. 28c5e061fcbd49a7 = (16-hex characters, editable) C. Secret = <Base32> (editable) D. Type = TOTP (available are TOTP & HOTP) E. Digits = 6 (available are 6 & 8) F. Algorithm = SHA1 (available are MD5, SHA1, SHA256 & SHA512) G. Interval = 30 (editable) *FreeOTP Authenticator* by Red Hat no cost, no ads, no gsf, rated 3.7, 1M+ installs

formatting link

Reply to
Andy Burnelli
Loading thread data ...

It's interesting how almost all the references gloss over the QR code which most of the OTP Android apps seem to want to use for initial setup.

formatting link
formatting link
formatting link
formatting link
formatting link
formatting link
etc.

Hence I'm still not sure what settings to use for 2FA/2SV/MFA/MSV in the andOTP or freeOTP temporary one-time-password apps on the Android device.

Given there are extremly painful irreversible gotchas involved (e.g., Apple has been sued for NEVER letting you ever turn off 2FV once you turn it on!), it behooves me to line up the 2FA/2SV/MFA/MSV ducks ahead of time.

Especially since I don't even _want_ the inevitable and unrecoverable privacy loss that is a direct result of using 2FA/2SV/MFA/MSV in the first place (e.g., you lose a lot of privacy as you gain a bit of security).

Google references are almost worthless in this regard, as they gloss over the important setup options (as far as I can tell so far from searching).

For example, this Google reference only covers Apple Mail & Outlook but not any of the common 3rd-party Android MUAs such as K9-mail or FairMail. *Set up Gmail with a third-party email client*

formatting link

Luckily this covers the T-OTP apps, where apparently you get the QR code from Google (AFAICT) when you turn the 2FA/2SV/MFA/MSV on in your account. *How to set up Gmail two-factor authentication (2FA) on your phone*

formatting link

As does this, but like that above, it's too general for direct use. *What is two-factor authentication and why should you use it?*

formatting link

In summary, it looks like I'll have to turn 2FA/2SV/MFA/MSV on first before it's clear what the steps are, but bear in mind that if you turn on Apple's

2FA/2SV/MFA/MSV, then you're forever dead as Apple will _never_ allow you to turn it off (which is why I'm being cautious here by asking others).
Reply to
Andy Burnelli

The problem I have with those apps is you have to have _already_ set up your email account as 2FA/2SV/MSA/MSV in order to get them to do anything:

formatting link
Flocke free andOTP settings
formatting link
Red Hat freeOTP settings

The problem I have with setting up 2FA/2SV/MSA/MSV is that I've never set it up and yet I'm trying to understand how it works _before_ I set it up.

One "issue" I have (mostly it's a fear) is that I won't be able to access email via Thunderbird/OAUth2 once I set up 2FA/2SV/MSA/MSV since you set it up by account, and not by MUA, right?

So, if I do set up 2FA/2SV/MSA/MSV for my Google mail account, how does that Google mail account know to use OAuth2 for Windows Thunderbird but, oh, say, app passwords for K9 mail?

Reply to
Andy Burnelli

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.