[SteinwayTransitCorp]

That is the one reason why I cannot go with samsung. You have google apps then samsung apps. That's no good for simple guys like me.

[Jazuyo]

The Pixel 5 is the best slab I've ever used. My priorities are battery life, reasonable size, straight-from-the-source updates, a nice camera, and a clean approach to Android (no bloat or heavy skins).

I have the pixel 5 it's the first and only android I had and it's well worth it. Great battery life, fits into my jeans fifth pocket, if you know how to work bb10 the transition to android 11 is a piece of cake with the swipe gestures it's well worth it.

[iMasterus7]

So, back to Blackberry Hub Suite. I have enabled 2FA on all email accounts and used app-specific passwords to have them on my BlackBerry KEYone. So, the question is: how is it less secure than having 2FA directly supported by BlackBerry Hub? I dare to think that it is even a more secure option since 2FA is there and real passwords are not "recorded" anywhere on the device.

Posted via BlackBerry Passport Silver Edition

[conite]

So, back to Blackberry Hub Suite. I have enabled 2FA on all email accounts and used app-specific passwords to have them on my BlackBerry KEYone. So, the question is: how is it less secure than having 2FA directly supported by BlackBerry Hub? I dare to think that it is even a more secure option since 2FA is there and real passwords are not "recorded" anywhere on the device.

Posted via BlackBerry Passport Silver Edition

With 2FA your device receives an OAuth token that considers the application safe, and the 3rd party app itself doesn't actually receive or store your login credentials.

Whereas, providing an app with an app-specific password gives the developer of that 3rd party app said credentials.

Now, you can decide to trust BlackBerry to treat your account with respect (and not pass it along to other people), but that doesn't work with everyone, nor is it considered wise security policy.

[iMasterus7]

With 2FA your device receives an OAuth token that considers the application safe, and the 3rd party app itself doesn't actually receive or store your login credentials.

Whereas, providing an app with an app-specific password gives the developer of that 3rd party app said credentials.

Now, you can decide to trust BlackBerry to treat your account with respect (and not pass it along to other people), but that doesn't work with everyone, nor is it considered wise security policy.

I can observe that you are being more and more straightforward in bashing Blackberry these days
So, apart from your general strong statements I kindly ask you to be more specific about danger that app-specific passwords pose to the security of my accounts via BlackBerry Hub. Please, describe what harm app-specific password (or third-party app) can cause that 2FA cannot to my account(s). Thanks!

Disclaimer: English is not my native language

P.S.: I can see that you have edited your original post by removing some stronger statements. But, nevertheless, you claim that app-specific passwords can cause harm, so, please, provide some details, where the devil is in.

Posted via BlackBerry Passport Silver Edition

[conite]

I can observe that you are being more and more straightforward in bashing Blackberry these days
So, apart from your general strong statements I kindly ask you to be more specific about danger that app-specific passwords pose to the security of my accounts via BlackBerry Hub. Please, describe what harm app-specific password (or third-party app) can cause that 2FA cannot to my account(s). Thanks!

Disclaimer: English is not my native language

P.S.: I can see that you have edited your original post by removing some stronger statements. But, nevertheless, you claim that app-specific passwords can cause harm, so, please, provide some details, where the devil is in.

Posted via BlackBerry Passport Silver Edition

I'm not sure how I can explain it any other way. I thought I was pretty clear.

When using an app-specific password, you give the 3rd party app developer your login credentials, for them to do with it as they please.

[iMasterus7]

I'm not sure how I can explain it any other way. I thought I was pretty clear.

One way you give the app developer your login credentials, for them to do with it as they please (app-specific password).

So, you say (or mean) that they, developers, can reuse my app-specific password to login into my account?

Posted via BlackBerry Passport Silver Edition

[Dunt Dunt Dunt]

So, you say (or mean) that they, developers, can reuse my app-specific password to login into my account?

Posted via BlackBerry Passport Silver Edition

If they were so inclined... yes.

I don't think anyone expect BlackBerry or Microsoft to do this. But there are lot's of other 3rd party apps out there - and your email account is the gateway to access may other accounts. Have an email address - it's get you the "username" (many sites use your email) and access to a email recovery of your password.

[iMasterus7]

If they were so inclined... yes.

I don't think anyone expect BlackBerry or Microsoft to do this. But there are lot's of other 3rd party apps out there - and your email account is the gateway to access may other accounts. Have an email address - it's get you the "username" (many sites use your email) and access to a email recovery of your password.

Really?! I thought that app-specific password cannot be reused since it is a one-time one. And besides, app-specific password cannot be used to access an account via website neither to change the original password.
I am pretty sure that if app-specific passwords could be re-used to access an account by third-party folks then usual suspects (aka Apple, Google, Microsoft) would ban this practice at all.

Posted via BlackBerry Passport Silver Edition

[Dunt Dunt Dunt]

Really?! I thought that app-specific password cannot be reused since it is a one-time one. And besides, app-specific password cannot be used to access an account via website neither to change the original password.
I am pretty sure that if app-specific passwords could be re-used to access an account by third-party folks then usual suspects (aka Apple, Google, Microsoft), would ban this practice at all.

Posted via BlackBerry Passport Silver Edition

It's still up to the user to be careful who they give access to their account.... but there is a reason the usual suspects all call it "less secure". But they also will warn you, in the generation process Google will give you a message "this app password grants complete access to your Google Account. You won't need to remember it, so don't write it down or share it with anyone" But try writing it down and using it...

[iMasterus7]

It's still up to the user to be careful who they give access to their account.... but there is a reason the usual suspects all call it "less secure". But they also will warn you, in the generation process Google will give you a message "this app password grants complete access to your Google Account. You won't need to remember it, so don't write it down or share it with anyone" But try writing it down and using it...

So now you are jumping around like some folks here without giving a direct answer. Not all "usual suspects" call app-specific passwords less secure: I have checked Apple and Microsoft websites and they don't make such strong claims. Google, yes, call it less secure and maybe that's why you and Conite call it also less secure without giving specific reasons as to why it is less secure.
The simple check is that you give the evidence (to support your claim) that app-specific password could be re-used to get an unauthorized access to an account. If you can't, then just admit that you are wrong about this specific case - the world doesn't end.

P.S.: just couple of quotes from Apple and Google, FYI:
"App-specific passwords maintain a high level of security and help ensure your Apple ID password won’t be collected or stored by any third-party apps you use." Apple.

"Every App Password can only be used once." Google.

Posted via BlackBerry Passport Silver Edition

[conite]

Really?! I thought that app-specific password cannot be reused since it is a one-time one. And besides, app-specific password cannot be used to access an account via website neither to change the original password.
I am pretty sure that if app-specific passwords could be re-used to access an account by third-party folks then usual suspects (aka Apple, Google, Microsoft) would ban this practice at all.

Posted via BlackBerry Passport Silver Edition

If you provide, say, the BlackBerry HUB with an app-specific password, BlackBerry themselves (and anyone they choose to give it to) would now have access to those login credentials and will have unfettered access to your account.

https://www.howtogeek.com/199804/war...tion-specific/

"Application-specific passwords are more dangerous than they sound. Despite their name, they’re anything but application-specific. Each application-specific password is more like a skeleton key that provides unrestricted access to your account."

[SatoshiX]

I have Hub installed on a Samsung S20 and 2FA on my email accounts seems to work. When I add a new Gmail or Microsoft account to the Hub, it directs me--within the Hub app--to those sites' respective login pages where I enter my password and second factor authentication. from there, the login is saved in the Hub. No app passwords. unless I'm misunderstanding something...which is quite possible. that sound right?

[conite]

I have Hub installed on a Samsung S20 and 2FA on my email accounts seems to work. When I add a new Gmail or Microsoft account to the Hub, it directs me--within the Hub app--to those sites' respective login pages where I enter my password and second factor authentication. from there, the login is saved in the Hub. No app passwords. unless I'm misunderstanding something...which is quite possible. that sound right?

No it doesn't. HUB doesn't support that.

[SatoshiX]

No it doesn't. HUB doesn't support that.

This is me adding a Gmail account just now. Am I misunderstanding something?

[conite]

This is me adding a Gmail account just now. Am I misunderstanding something?

My apologies. I reread and you are talking about Google. The virtues of having a Google device.

Yahoo, and Outlook are different.

[SatoshiX]

My apologies. I reread and you are talking about Google. The virtues of having a Google device.

Yahoo, and Outlook are different.

ah, I see. The process for me is the same for my Microsoft account though. I click the option in the Hub add account dialog for "Sign in with Microsoft", and it similarly directs me--in app--to my Microsoft account login page where I am prompted for 2FA (in this case via my authenticator app). This is an organization/etnerprise-managed Microsoft account though, if that makes a difference. Pretty sure my hotmail account was added the same way though.

[SatoshiX]

ah, I see. The process for me is the same for my Microsoft account though. I click the option in the Hub add account dialog for "Sign in with Microsoft", and it similarly directs me--in app--to my Microsoft account login page where I am prompted for 2FA (in this case via my authenticator app). This is an organization/etnerprise-managed Microsoft account though, if that makes a difference. Pretty sure my hotmail account was added the same way though.

Spoke too soon on Hotmail. Indeed that requires an app password. I'm curious now what third party mail apps can facilitate 2FA in such instances (and apologies for taking this thread so far off its original topic)

[conite]

Spoke too soon on Hotmail. Indeed that requires an app password. I'm curious now what third party mail apps can facilitate 2FA in such instances (and apologies for taking this thread so far off its original topic)

Pretty much pick any actively developed email client. Like Spark Email - which happens to be a darn good one.

[Platinum_2]

Google apps.

The HUB Suite is very dated now, and is slowly breaking.

That has not been my experience. I have a Pixel 3a with the full BB Suite that runs me 0.99/mo and everything works great.

I also don't think it looks dated, but rather, functional and not overstyled.

[conite]

That has not been my experience. I have a Pixel 3a with the full BB Suite that runs me 0.99/mo and everything works great.

I also don't think it looks dated, but rather, functional and not overstyled.

If it works for you, that's great. But after using something modern, you'd realise just how many features and capabilities you are missing.

[TheGraduate]

Given the impending obsolescence of the BlackBerry Suite, how do the iPhone and Pixel native platforms compare to each other, what are the strong arguments for and against each platform for those of us coming off K2.

[conite]

Given the impending obsolescence of the BlackBerry Suite, how do the iPhone and Pixel native platforms compare to each other, what are the strong arguments for and against each platform for those of us coming off K2.

The general rule is that Apple is for people who just want things to work right out of the box, and Android is for people who like to customise their experience and tinker with things.

Also important, is what everyone in your circle is using.

[Dunt Dunt Dunt]

Given the impending obsolescence of the BlackBerry Suite, how do the iPhone and Pixel native platforms compare to each other, what are the strong arguments for and against each platform for those of us coming off K2.

If your comfortable with Android.... I'd stick with it. Have a lot more ability to customize and try different options.

I use iOS, but mostly because it fits best with my family and work.

[Chuck Finley69]

Given the impending obsolescence of the BlackBerry Suite, how do the iPhone and Pixel native platforms compare to each other, what are the strong arguments for and against each platform for those of us coming off K2.

I dual carry Android/iOS Pixel 3a/iPhone XR and it depends on what your circle is using. Android is more familiar coming from KEYone and Motion but iOS ecosystem is better supported by many corporate development teams.