usual questions 1. what was so bad about the old method that it has to be replaced? 2. what's the fallback procedure for when the new method doesn't work?
So having authenticated oneself like this do we ever have to do it again? For example, if we 'logout' of the email and later try to login again, or login to it from another device, does it authenticate in the same way? If so, what happens if we have lost the phone (or other device) containing the authenticator app?
Obviously, you didn't listen closely, he said it'll remember you and you are authenticated successfully previously so you should not have to do it again.
@@johnhpalmer6098 You'd have to define "you". If I'm in a different location, trying to access my email on a different computer, without the phone I used to authenticate, which is a plausible scenario (for example I'm on a trip and my phone is stolen, or a fire at home), how do I ever get back into my account? There's no password, there seems no way to access it.
@@johnhpalmer6098 I'll put it more simply. If I'm away from the computer I authenticated on and try to access my email, I assume I will be authenticated again but what happens if I no longer have the phone I used to authenticate, maybe it's been stolen, left behind, damaged, whatever. How do I get into the email without a password. I don't understand how it works, and I doubt you do either.
3:44 So if the message Thunderbird sends to Microsoft is intercepted and a fake approval is sent back, a hacker is in. Way to go, Thunderbird! You skipped proper authentication because you were too lazy to implement it.
✅ Watch next ▶ Is Passwordless Authentication Safe? ▶ ruclips.net/video/81w_WaGGumk/видео.html
usual questions
1. what was so bad about the old method that it has to be replaced?
2. what's the fallback procedure for when the new method doesn't work?
Thanks Leo
So having authenticated oneself like this do we ever have to do it again? For example, if we 'logout' of the email and later try to login again, or login to it from another device, does it authenticate in the same way? If so, what happens if we have lost the phone (or other device) containing the authenticator app?
Obviously, you didn't listen closely, he said it'll remember you and you are authenticated successfully previously so you should not have to do it again.
@@johnhpalmer6098 You'd have to define "you". If I'm in a different location, trying to access my email on a different computer, without the phone I used to authenticate, which is a plausible scenario (for example I'm on a trip and my phone is stolen, or a fire at home), how do I ever get back into my account? There's no password, there seems no way to access it.
@@johnhpalmer6098 I'll put it more simply. If I'm away from the computer I authenticated on and try to access my email, I assume I will be authenticated again but what happens if I no longer have the phone I used to authenticate, maybe it's been stolen, left behind, damaged, whatever. How do I get into the email without a password. I don't understand how it works, and I doubt you do either.
I don't like to use 2 step authentication. What if phone is lost or misplaced? If that's the case, how do I retrieve the emails without the phone?
That's a good question. I can't even make a new Gmail account because I don't own a phone.
Is passwordless feature good?
I've come to like it, yes.
I like thunderbird because it's also good to receive RSS feeds
3:44 So if the message Thunderbird sends to Microsoft is intercepted and a fake approval is sent back, a hacker is in. Way to go, Thunderbird! You skipped proper authentication because you were too lazy to implement it.