What the hell starts pulseaudio?!

RW rwmaillists at googlemail.com
Thu Jul 15 21:54:46 UTC 2021

On Thu, 15 Jul 2021 22:45:47 +0200
Ralf Mardorf wrote:

> On Thu, 2021-07-15 at 22:30 +0200, Ralf Mardorf wrote:
> > On Thu, 15 Jul 2021 21:16:28 +0100, RW via freebsd-questions wrote:
> >  

> On Thu, 12 Mar 2020 22:13:47 -0400, edwardp at gmx.com stated:
> >  
> https://www.bleepingcomputer.com/news/security/google-to-force-oauth-in-g-suite-to-increase-security/
> > 
> > If this information is correct, it applies to G Suite accounts.
> > 
> > It doesn't specifically mention individual Gmail accounts.  

> Lets be honest here. It is no longer a question of "if" but rather
> "when" will Google & Microsoft and then all of the other carriers
> follow suit and limit access to their products only by apps employing
> OAuth2 access.

I'm not sure about gmail. When you enable 2FA it disables the use of
the main password from mail clients, but you can still get an
autogenerated random "app password" to use instead. 

App passwords can't be used for anything else but accessing mail
servers and they can be made arbitrarily long. oauth2 looks to be only
marginally more secure since its secret can be read by a cracker
or malware just as easily as an app password can. Oauth2 protects
against the case where an attacker has intercepted the connection and
got around TLS, which seems the lesser case to me.

I don't see any good reason for gmail to ban app passwords.

More information about the freebsd-questions mailing list