[MykOne]

My GMail and FB got hacked the other day and I just now got access back to the accounts. Regarding Gmail....
1) I want to re-secure my account. Does BB use imap or pop when we receive emails on our BB? I want to disable both of these, but not sure if it will affect how I get my emails on my BB.

2) If at the time my GMail was hacked... was there anyway that my BB could of been hacked into as well?

Not sure if this is the place to post.. but its the phone I have.

Thanks!!

[melander]

My GMail and FB got hacked the other day and I just now got access back to the accounts. Regarding Gmail....
1) I want to re-secure my account. Does BB use imap or pop when we receive emails on our BB? I want to disable both of these, but not sure if it will affect how I get my emails on my BB.

2) If at the time my GMail was hacked... was there anyway that my BB could of been hacked into as well?

Not sure if this is the place to post.. but its the phone I have.

Thanks!!

There are several ways to setup gmail on the 9930.

1. Through BIS - with this method, you are storing your gmail password on RIM's servers. RIM then downloads your mail and forwards it to your phone. When looking at the logs, BIS downloads via IMAP. Not sure if IMAP was not available if BIS would try POP3.

I've been told that RIM's servers are pretty secure. However, I dislike saving my password on devices that are not in my own control. It's a matter of personal preference and your level of paranoia.



2. Forward emails from gmail to your blackberry (*@*.blackberry.net or BES) account
This way no passwords are stored.

3. Third party email applications like Logicmail or the defunct gmail one. With these, your password is stored on your phone and it exchanges an SSL session securely and directly to gmail.


On to a solution I use regarding gmail security.

As for securing your account, I suggest two factor authentication. See
http://www.google.com/support/accoun...&topic=1056284


With this, any time you try to login to your gmail account through a new browser session, you will get a text message sent to your phone with a validation code. To not be a hassle, there is a cookie stored that allows that browser for 30 days without re-validating.

Even if someone has your password, they could not get in unless they receive the text message with the randomly generated 2nd factor. This text message could also alert you if someone has your base password because you would all of a sudden get text messages and have not requested to login to gmail. The 2nd factor is not sent on incorrect password attempts or "lost/forgotten" passowrd clicks.

Next, you would forward your gmails to your BIS/BES address. The only time your
password is stored or sent to gmail is by you. But there would be no synching
of folders on your phone.

If you need IMAP folder sync or calendar access, you will have to setup application passwords. Application passwords can be used by individual apps to access gmail's IMAP or POP3 service (BIS, Logicmail, google sync,Thunderbird, Eudora ,OE) but not browser logins. These are randomly generated strings by google and you must write them down or generate a new one per app.

[MykOne]

Wow!! Thank you for the very detailed response!! I really appreciate it!!

I should of explained that I do have my Gmail set up with BIS and have the Gmail icon on my home screen.

So with that... If I turned off/disabled imap and pop in gmail settings... Would that effect the push email to my BB? I also have Calendar sync "checked" under BIS.. Will that be effected as well?

I do have the two factor authentication set up and I had to generate the codes to use Google talk.

Posted from my CrackBerry at wapforums.crackberry.com

[T�nis]

I've been told that RIM's servers are pretty secure. However, I dislike saving my password on devices that are not in my own control. It's a matter of personal preference and your level of paranoia.



2. Forward emails from gmail to your blackberry (*@*.blackberry.net or BES) account
This way no passwords are stored ...

Just curious why you would be worried about RIM having the passwords. Is it because you think its servers could be hacked?

[USSZulu]

Honestly any server could be hacked if someone has the resources and know how. But then again GMail could be hacked too. So not entirely sure it matters. I am not worried about RIM and their security.

[melander]

Just curious why you would be worried about RIM having the passwords. Is it because you think its servers could be hacked?

I'm not saying RIM was hacked, but true anyone can be. While there are some remote attack vectors out there, any PCI complaint service provider is going to have good to great security at the borders. I actually trust internal access less especially when there is access given to support staff that is not under the same lawful regulations as the company's home of operations.

[MykOne]

So do you think disabling imap and pop will effect push email to my BB using BIS?

Posted from my CrackBerry at wapforums.crackberry.com

[USSZulu]

Yes, if you disable IMAP and POP3, you will lose the ability for BIS to retrieve email from your GMAIL account.

[Donnee]

when you disable imap on gmail you'll get one last email to your phone which basically reads "youve disabled imap, reenable it and set your emails up again once done"

cant work without it i'm afraid