Well, it's quite simple actually... I'm trying to use nodemailer but everytime a try to call the mailer fucntion, it returns an auth error. I searched the error and apparently it's cause because of Google "less secure apps access" (https://myaccount.google.com/lesssecureapps) option, it has to be enabled, but the problem is: since may 30th of 2022, Google updated it's policy, and no longer has this option, so i can't use nodemailer in gmail anymore?
enter image description here
enter image description here
I tried to search the problem and find how to enable the "access to less secure apps" on Google gmail account configuration, but since Google updated it's policy, and they removed that option, i can't find any other solution. I didn't find anyone else with this problem either.
if you enabled 2fa on your google account you can create an apps password.
you can then use the apps password in place of your actual Gmail password in your Code
how to create an apps password
Related
I am trying to use sendgrid on azure, but when I am creating the account, it gives me an error saying:
The portal is having issues getting an authentication token. The experience rendered may be degraded.
Additional information from the call to get a token:
Extension: SendGrid_EmailService
Details: code: 500, statusText: error, message: There was an error processing your request. Please try again in a few moments., stack:
It has been giving me this since morning, pretty annoyed. And also it disables two fields, and marks them as loading:
Screenshot of the two fields marked as loading (For a very long time)
Since sendgrid wasnt working I thought I'd try and use SparkPost- The signup was successful, but its been taking hours to deploy.
Then I thought of manually configuring the smtp settings so the host and user and stuff could be sendgrid, but I wasnt able to find a way to do so.
Could someone help me out please! Thanks in advance!!
EDIT: This problem has been solved by the Microsoft Team.
Looks like SendGrid has some technical problems. You should check first SendGrid official support website if this is the issue. I was using SendGrid for a while, but I had to move to another solution. When you are registering SendGrid account via Azure you getting standard SendGrid plan. That means that you are sending your mails through shared SendGrid IPs. This is probably ok for marketing emails, but if you intend to send any transactional emails like password reset, bills etc you will end up eventually with tearing your hair off the head, because shared SendGrid IPs are in most existing spam blacklists out there.
SendGrid app status
I was able to enter to SendGrid using the following steps from Aaryaman Maheshwari in this comment:
Steps from Aaryaman's answer:
Step 1: In order to find ur username for SendGrid, first, go to the
SendGrid resource and then click properties. Now copy the resource id.
Step 2: Now, in the azure online shell, open bash and type the
following command: az resource show --ids [THE COPIED RESOURCE ID]
Make sure to replace [THE COPIED RESOURCE ID] with the resource Id you
copied in step 1
Step 3: In the json string that the terminal outputs, look for the
username property and note that down
Step 4: After you do that you can manually go to sendgrid.com and then
enter the username you just retrieved and then the password which you
used to sign up with.
Thanks Aaryaman Maheshwari
In order to incresase security, Sendgrid has recently requested to enable 2 factors authentication to connect to your account (it started one or two weeks ago).
Since this moment, the "automatic" connection from Azure to Sendgrid stopped to succes, and we have the same 500 error.
Also, "basic authentication" (username / password) will stop to work (starting from 10 decemeber I believe) in your api.
I'm not sure this is the reason, but it happens at the same time ;)
Just to update:
There was bug identified on Azure Portal and our product engineering team have fixed the issue.
Provisioning SendGrid account via https://portal.azure.com/ and managing works as expected.
The alternate https://rc.portal.azure.com/ URL was shared during the impact and is no longer required to be used.
We had a discussion on Q&A thread. Once again apologies for all the inconvenience. Much appreciate the follow-up and great collaboration.
I'm currently using robotframework to automate test on the web to perform various functions with our app. All of our Test require you login to gmail, the problem is when we run the automation half the time the test fails since google ask for a verification code. I'm using a headless browser cloud solution to run the test. Has anyone run into this issue?
In link How to Secure Your Gmail Account With 2-Step Verification refer section Disable 2-Step Verification in Gmail, . That should help.
Security Checks should NEVER be BYPASSED
You can do the following, by following the below approach you would be merely taking another option of verification(THIS IS NOT BYPASS).
go to
https://myaccount.google.com/
Search bar - search for "app passwords"
Register your app as one of the below cases and generate password, use the same for your log-ins.
Register your app as any one of the following, I suggest you register as either mail/custom app and then proceed with your testing.
Mail
Calendar
Contacts
Youtube
Custom
Less secure apps & your Google Account
Check out this link if nothing works, and use this as the last resort.
I cannot sign in to Kentico client portal, keep seeing that username and password is not correct, when trying the forgotten password link it prompts me
no user found
"when trying to sign-up with same email address it prompts me
email already exist
It seems my account has been disabled ,but how can I enable it back ?
I've had this in the past when I first partnered with Kentico. Finally after several years I was tired of it and got it worked out by contacting Support at Kentico.com. They were able to direct me to the person who handles the different portals and was able to clean them up. Be sure to give them all the email addresses you are using.
I have tried to set up every email client available for linux, ubuntu 14.04 and each and every one fails. I'm looking to find what the common element is that causes authentication to fail in each and every instance. Is it because google has changed their authentication algorithm and nobody has kept up with the changes?
It seems that Google, sometime late in 2014 started blocking apps that are using IMAP/SMTP PLAIN authentication by default. It also seems no Linux email client has addressed this change (at least that as far as I have found).
It had only affected me recently. The change only propagated to me now, in February of 2016. I found this out by attempting to install one email client after the other; kmail, evolution, claws, sylpheed, thunderbird. Finally, after reading Gmail blocking mutt I found out that my mail account had been tampered with by Google to reject anything other than OAuth. One way to fix this is to
Allow less secure apps: ON
in the "My Account" settings.
I received a very nice email from Microsoft Google expressing their dismay that I would choose anything other than their email client to access my gmail account:
Hi ... ,
You recently changed your security settings so that your Google Account ...#gmail.com is no longer protected by modern security standards.
Please be aware that it is now easier for an attacker to break into your account. You can make your account safer again by undoing this change here, then switching to apps made by Google such as Gmail to access your account.
Don't recognize this activity?
Review your recently used devices now.
Best,
The Google Accounts team [emphasis mine]
Apparently the only "modern security standards" are Google's security standards. And for why the above is FUD see:
What are the dangers of allowing “less secure apps” to access my Google account?
Also, lmao, apparently "business users" of gmail do not need this security "improvement." I assume this is so because Google does not want to really make a needed security change (otherwise why leave business users out of this), but rather to strong-arm Mom and Pop into using their email software.
Bad Google.
Yesterday I created a new Ghost Blog website from the Azure website gallery. The installation there asks for Gmail account and passwords, and like any security fanatic I gave my personal gmail account information (mistake #1).
Everything went nicely and got the blog up and running in no time.
Moment went and I got an email from Gmail saying that there has been suspicious log in to my gmail account from Taiwan. Google blocked this login and I made quick password change.
Today I repeated everything, but created new account to gmail to test things out. Same thing happened, but this time the login was from unknown location.
I scanned my computer for keyloggers and didn't find any.
Is it just Google being cautious and warning that the Ghost is trying to send mail and performing login while doing it? Or are those passwords leaking? They are in clear text format in the ghost configs?
Edit:
Screen capture of the Ghost Setup in Azure
To my knowledge this seems totally normal Azure configure step.
The password is stored in clear text in the config.js file, but that is just fine because the file is not accessible from the web.
The reason why GMail complains might be that, in order to send mail, Ghost has to log in to your account with your password. In this case, requests are not coming from your personal computer, but from the Azure server that is in a data center somewhere.
But it's probably not the best idea to ignore the warning, because somebody might have actually breached your account. I would simply use another service for Ghost (like Mailgun).