-
- I have the pixel 5 it's the first and only android I had and it's well worth it. Great battery life, fits into my jeans fifth pocket, if you know how to work bb10 the transition to android 11 is a piece of cake with the swipe gestures it's well worth it.elfabio80 likes this.04-18-21 08:53 PMLike 1
- So, back to Blackberry Hub Suite. I have enabled 2FA on all email accounts and used app-specific passwords to have them on my BlackBerry KEYone. So, the question is: how is it less secure than having 2FA directly supported by BlackBerry Hub? I dare to think that it is even a more secure option since 2FA is there and real passwords are not "recorded" anywhere on the device.
Posted via BlackBerry Passport Silver Edition04-25-21 09:51 PMLike 0 - So, back to Blackberry Hub Suite. I have enabled 2FA on all email accounts and used app-specific passwords to have them on my BlackBerry KEYone. So, the question is: how is it less secure than having 2FA directly supported by BlackBerry Hub? I dare to think that it is even a more secure option since 2FA is there and real passwords are not "recorded" anywhere on the device.
Posted via BlackBerry Passport Silver Edition
Whereas, providing an app with an app-specific password gives the developer of that 3rd party app said credentials.
Now, you can decide to trust BlackBerry to treat your account with respect (and not pass it along to other people), but that doesn't work with everyone, nor is it considered wise security policy.Last edited by conite; 04-25-21 at 10:24 PM.
04-25-21 10:11 PMLike 0 - With 2FA your device receives an OAuth token that considers the application safe, and the 3rd party app itself doesn't actually receive or store your login credentials.
Whereas, providing an app with an app-specific password gives the developer of that 3rd party app said credentials.
Now, you can decide to trust BlackBerry to treat your account with respect (and not pass it along to other people), but that doesn't work with everyone, nor is it considered wise security policy.
So, apart from your general strong statements I kindly ask you to be more specific about danger that app-specific passwords pose to the security of my accounts via BlackBerry Hub. Please, describe what harm app-specific password (or third-party app) can cause that 2FA cannot to my account(s). Thanks!
Disclaimer: English is not my native language
P.S.: I can see that you have edited your original post by removing some stronger statements. But, nevertheless, you claim that app-specific passwords can cause harm, so, please, provide some details, where the devil is in.
Posted via BlackBerry Passport Silver Edition04-26-21 06:38 AMLike 0 - I can observe that you are being more and more straightforward in bashing Blackberry these days
So, apart from your general strong statements I kindly ask you to be more specific about danger that app-specific passwords pose to the security of my accounts via BlackBerry Hub. Please, describe what harm app-specific password (or third-party app) can cause that 2FA cannot to my account(s). Thanks!
Disclaimer: English is not my native language
P.S.: I can see that you have edited your original post by removing some stronger statements. But, nevertheless, you claim that app-specific passwords can cause harm, so, please, provide some details, where the devil is in.
Posted via BlackBerry Passport Silver Edition
When using an app-specific password, you give the 3rd party app developer your login credentials, for them to do with it as they please.04-26-21 07:08 AMLike 0 -
Posted via BlackBerry Passport Silver EditionLast edited by iMasterus7; 04-26-21 at 07:56 AM.
04-26-21 07:11 AMLike 0 -
I don't think anyone expect BlackBerry or Microsoft to do this. But there are lot's of other 3rd party apps out there - and your email account is the gateway to access may other accounts. Have an email address - it's get you the "username" (many sites use your email) and access to a email recovery of your password.04-26-21 08:58 AMLike 0 - If they were so inclined... yes.
I don't think anyone expect BlackBerry or Microsoft to do this. But there are lot's of other 3rd party apps out there - and your email account is the gateway to access may other accounts. Have an email address - it's get you the "username" (many sites use your email) and access to a email recovery of your password.
I am pretty sure that if app-specific passwords could be re-used to access an account by third-party folks then usual suspects (aka Apple, Google, Microsoft) would ban this practice at all.
Posted via BlackBerry Passport Silver EditionLast edited by iMasterus7; 04-26-21 at 09:57 AM.
04-26-21 09:14 AMLike 0 - Really?! I thought that app-specific password cannot be reused since it is a one-time one. And besides, app-specific password cannot be used to access an account via website neither to change the original password.
I am pretty sure that if app-specific passwords could be re-used to access an account by third-party folks then usual suspects (aka Apple, Google, Microsoft), would ban this practice at all.
Posted via BlackBerry Passport Silver Edition04-26-21 09:48 AMLike 0 - It's still up to the user to be careful who they give access to their account.... but there is a reason the usual suspects all call it "less secure". But they also will warn you, in the generation process Google will give you a message "this app password grants complete access to your Google Account. You won't need to remember it, so don't write it down or share it with anyone" But try writing it down and using it...
The simple check is that you give the evidence (to support your claim) that app-specific password could be re-used to get an unauthorized access to an account. If you can't, then just admit that you are wrong about this specific case - the world doesn't end.
P.S.: just couple of quotes from Apple and Google, FYI:
"App-specific passwords maintain a high level of security and help ensure your Apple ID password won’t be collected or stored by any third-party apps you use." Apple.
"Every App Password can only be used once." Google.
Posted via BlackBerry Passport Silver EditionLast edited by iMasterus7; 04-26-21 at 10:15 AM.
bh7171 likes this.04-26-21 09:55 AMLike 1 - Really?! I thought that app-specific password cannot be reused since it is a one-time one. And besides, app-specific password cannot be used to access an account via website neither to change the original password.
I am pretty sure that if app-specific passwords could be re-used to access an account by third-party folks then usual suspects (aka Apple, Google, Microsoft) would ban this practice at all.
Posted via BlackBerry Passport Silver Edition
https://www.howtogeek.com/199804/war...tion-specific/
"Application-specific passwords are more dangerous than they sound. Despite their name, they’re anything but application-specific. Each application-specific password is more like a skeleton key that provides unrestricted access to your account."04-26-21 10:19 AMLike 0 - I have Hub installed on a Samsung S20 and 2FA on my email accounts seems to work. When I add a new Gmail or Microsoft account to the Hub, it directs me--within the Hub app--to those sites' respective login pages where I enter my password and second factor authentication. from there, the login is saved in the Hub. No app passwords. unless I'm misunderstanding something...which is quite possible. that sound right?05-01-21 09:42 AMLike 0
- I have Hub installed on a Samsung S20 and 2FA on my email accounts seems to work. When I add a new Gmail or Microsoft account to the Hub, it directs me--within the Hub app--to those sites' respective login pages where I enter my password and second factor authentication. from there, the login is saved in the Hub. No app passwords. unless I'm misunderstanding something...which is quite possible. that sound right?05-01-21 10:43 AMLike 0
-
- ah, I see. The process for me is the same for my Microsoft account though. I click the option in the Hub add account dialog for "Sign in with Microsoft", and it similarly directs me--in app--to my Microsoft account login page where I am prompted for 2FA (in this case via my authenticator app). This is an organization/etnerprise-managed Microsoft account though, if that makes a difference. Pretty sure my hotmail account was added the same way though.Rico4you likes this.05-01-21 03:56 PMLike 1
- ah, I see. The process for me is the same for my Microsoft account though. I click the option in the Hub add account dialog for "Sign in with Microsoft", and it similarly directs me--in app--to my Microsoft account login page where I am prompted for 2FA (in this case via my authenticator app). This is an organization/etnerprise-managed Microsoft account though, if that makes a difference. Pretty sure my hotmail account was added the same way though.05-03-21 04:55 PMLike 0
- That has not been my experience. I have a Pixel 3a with the full BB Suite that runs me 0.99/mo and everything works great.
I also don't think it looks dated, but rather, functional and not overstyled.05-06-21 07:37 PMLike 2 - If it works for you, that's great. But after using something modern, you'd realise just how many features and capabilities you are missing.05-06-21 07:53 PMLike 0
- Given the impending obsolescence of the BlackBerry Suite, how do the iPhone and Pixel native platforms compare to each other, what are the strong arguments for and against each platform for those of us coming off K2.05-07-21 07:04 AMLike 0
-
Also important, is what everyone in your circle is using.05-07-21 07:19 AMLike 0 -
I use iOS, but mostly because it fits best with my family and work.05-07-21 07:23 AMLike 0 - I dual carry Android/iOS Pixel 3a/iPhone XR and it depends on what your circle is using. Android is more familiar coming from KEYone and Motion but iOS ecosystem is better supported by many corporate development teams.05-07-21 08:52 AMLike 0
« Hello!!!
|
Xiaomi Mi Mix4 »
Similar Threads
-
BBM classic owners group
By Normand Raymond in forum BlackBerry ClassicReplies: 37Last Post: 05-03-22, 07:25 AM -
Key 2 Red Edition to Pixel 5 - Reluctantly
By Bammerz in forum BlackBerry KEY2Replies: 42Last Post: 12-08-20, 01:33 PM -
WTT: KEY2 and pixel 3 for iPhone se (2020) 256 gigs
By MB64 in forum Buy, Sell, Trade - Sold / ArchivedReplies: 14Last Post: 09-11-20, 05:55 PM -
Question to BBF100-2 owners
By draculito in forum BlackBerry KEY2Replies: 3Last Post: 08-21-20, 07:32 AM -
Used blackberry passport how to get past BBID of previous owner. without info
By Ben Lang in forum BlackBerry PassportReplies: 2Last Post: 08-14-20, 02:37 PM
LINK TO POST COPIED TO CLIPBOARD