Yahoo Mail

POP Peeper: Tech support, suggestions, discussion, etc.
Post Reply
viviand
Posts: 27
Joined: Fri Dec 07, 2012 1:59 pm

Yahoo Mail

Post by viviand »

Hi there!

Received this email this morning and was wondering how (if you know) this will impact PP?

Thanks in advance and stay safe!

email:
We love that you love using your Yahoo Mail. And we want to make sure you always have the best experience. That’s why we’re reaching out today.

We’ve noticed that you’re using non-Yahoo applications (such as third-party email, calendar, or contact applications) that may use a less secure sign-in method. To protect you and your data, Yahoo will no longer support the current sign-in functionality in your application starting on 20 October 2020. This means that you will need to take one of the steps below to continue using Yahoo Mail without interruption.

But don’t worry, you have options. Find an option that works best for you below:

Option 1: We recommend that you access your email using our free Yahoo Mail app for iOS and Android or simply go to mail.yahoo.com to access Yahoo Mail on the web.

Option 2: Keep your current, non-Yahoo app, BUT follow a few steps to get it to sync with our secure sign-in method. The steps vary across different email applications, but in most cases, you will have to remove your Yahoo account from the app and then add it back again to update the sign-in security. Use the links below to follow the specific steps for your current application:

iOS Mail
Gmail
Samsung Mail
Others

Option 3: You can generate a one-time, unique password that will allow you to sign in to your account using your non-Yahoo email application. Once created, this password will continue to allow your app to securely sync your Yahoo email unless you sign out (or are signed out) from your app. You can find instructions on how to do this here.

If you want more details on these changes, please visit our help page. If you’ve already taken action, we’d like to think you haven’t read this far, but if you have . . . we sure appreciate the diligence!

Thanks for rocking that Yahoo Mail address!

Yours in your inbox,
The Yahoo Team
User avatar
spc3rd
Moderator
Posts: 853
Joined: Tue Aug 30, 2011 5:45 pm

Re: Yahoo Mail

Post by spc3rd »

Hi viviand,

I also received the exact same email as you...and quite likely - many other folks have also..

I've mentioned this email to Jeff earlier today, so I expect he and other members of The Esumsoft Team will likely drop by and provide additional feedback.

Cheers! :mrgreen:
Image
Global Moderator
User avatar
Jeff
Admin / Developer
Posts: 9225
Joined: Sat Sep 08, 2001 9:46 pm

Re: Yahoo Mail

Post by Jeff »

Here's what you need to do:
1) Edit the account in POP Peeper
2) Press the "OAuth2" button to the right of your login name
3) Follow the instructions -- you will need to login and grant POP Peeper permission to access your email account
viviand
Posts: 27
Joined: Fri Dec 07, 2012 1:59 pm

Re: Yahoo Mail

Post by viviand »

Thanks will give that a try!
tjpsnj
Posts: 36
Joined: Thu Nov 17, 2011 8:08 pm

Re: Yahoo Mail

Post by tjpsnj »

In "Step 3)" What is the "grant POP Peeper permission to access your email account"?
I set up OAuth2 on my yahoo accounts and I am getting the message from yahoo on them anyway.
I was able to log in with the OAuth2 web page that pops up in the edit.
The info at yahoo is vague too.

I would like to avoid deleting my accounts as I have used PP since I created all but one of them and have a full record in PP.

Thanks,

T
User avatar
mjs
Moderator
Posts: 2216
Joined: Sun Jul 17, 2011 2:36 am

Re: Yahoo Mail

Post by mjs »

tjpsnj - To answer your question: "In 'Step 3)' What is the 'grant POP Peeper permission to access your email account'?"

It is what Jeff posted: to "grant POP Peeper permission to access your email account". Various apps as well as Email Services are increasingly requiring authorization to be granted for 3rd-party apps to access them.

tjpsnj - if you are "getting the message from yahoo on them anyway" -- meaning that PP continues to need authorization presumably.

Most likely the authorization was not completed successfully.

You must see this message at the end of the process:
Last dialog - Authentication successful.png
Last dialog - Authentication successful.png (1.62 KiB) Viewed 7481 times
tjpsnj - Do you recall seeing this dialog at the end of the process? (Note: if the process was completed successfully -- you will also get a message from your Yahoo Email account with the Subject; "New sign in on POP Peeper")

If you did not see this dialog at some point when completing the procedure to authorize Yahoo to allow PP access to your Yahoo account (which should occur when the authorization is complete) then something went wrong. This can happen which is why there are various options available to complete an authorization of PP.

I'm going to go over what should transpire when following Jeff's steps posted above:
1) You will get a dialog asking if you want to delete existing OAuth credentials - you reply with "Yes" at this point
2) You will get UID and PWD prompts from Yahoo for the Email Account you have edited in PP and are authorizing to use PP to access the Yahoo Email account. You would reply accordingly.
3) You may get a security dialog to update this information with Yahoo -- If so I would recommend simply clicking on "Remind me later" to avoid issues (refer to my screen-shots below for details) - you can always do this later when logging into your account on-line.
4) You should now get a dialog to "Allow" PP access to your Yahoo Email account.
5) Pressing Agree should complete the process
6) You should then get the "Application Successful" dialog when completed successfully. If you do....
7) Your done! -- you have successfully authorized PP to access your Yahoo email account. =D>

Here are some screen-shot examples of the process:
Click on the "Yes" button
Click on the "Yes" button
Step2.png
step3.png
You may or may not get this next step
Recommend click on "Remind me later"
Recommend click on "Remind me later"
last step.png
After clicking on the "Agree" button...
As mentioned previously, you should get the "Authorization Successful" dialog overlay at this point:
Last dialog - Authentication successful.png
Last dialog - Authentication successful.png (1.62 KiB) Viewed 7481 times
You may not if an issue occurs including possibilities such as:
Button "Agree" either does not complete (page hangs) or you may get an "unsuccessful" dialog
Button "Agree" either does not complete (page hangs) or you may get an "unsuccessful" dialog
In any case you can use an alternative method to authorize PP (i.e. "Web browser" is one alternative):
failed outcome-2.png
Which will open the authorization dialog page in your browser (click on "Agree" and you're done):
Alternative Browser authorization option.png
Good judgment comes from experience and a lot of that comes from bad judgment. - Will Rogers
User avatar
mjs
Moderator
Posts: 2216
Joined: Sun Jul 17, 2011 2:36 am

Re: Yahoo Mail

Post by mjs »

^ Followup on the last post: It has been brought to my attention by another member of the Esumsoft Team that there may possibly be issues with the authorized Yahoo accounts that may reflect what you have described tjpsnj - even if the process was previously successful. We are looking into this possibility.

That said, I have not had any issues myself for any of the 7 Yahoo accounts I have in PP that use IMAP.

I also just now tested the authorization process for one of these Yahoo accounts which completed successfully (I will say however that it was necessary to accomplish via my browser, FWIW). This account along with all the others are working without incident in my case.

We will report back on any additional information we find regarding this - absent any further development regarding this I would suggest reviewing my post above to determine if you have been able to successfully process the authorization procedure.
Good judgment comes from experience and a lot of that comes from bad judgment. - Will Rogers
User avatar
mjs
Moderator
Posts: 2216
Joined: Sun Jul 17, 2011 2:36 am

Re: Yahoo Mail

Post by mjs »

^ followup (final for now): As of this time we have determined that the Oauth2 protocol for Yahoo is working as it should including the procedural steps to accomplish this. Therefore, as of this time our conclusion is that Oauth2 will continue to be functioning as expected going forward unless we determine otherwise at which time we'll post any further changes to this determination accordingly.
Good judgment comes from experience and a lot of that comes from bad judgment. - Will Rogers
User avatar
Sampei.Nihira
Posts: 13
Joined: Tue Sep 08, 2020 2:00 pm

Re: Yahoo Mail

Post by Sampei.Nihira »

Check the apps linked to your Yahoo Mail account:
100d.jpg
If you still receive the Yahoo email informing you that from 20 October the authentication will be exclusively OAuth2, it is certainly NOT the fault of Pop Peeper who has a perfect procedure.
I found that the email client app I used on my smartphone was malfunctioning for Yahoo Mail.
I replaced it with the Gmail app.


P.S. In the image above it is not Thunderbird that has access to the Yahoo account but MailNews (which is incorrectly recognized as Thunderbird).
On Windows XP, Thunderbird 52.X does not support OAuth2 authentication.
The OAUth2 authentication code was only entered in Thunderbird 60.
Which cannot be installed in Windows XP.
dallas77us
Posts: 52
Joined: Sun Feb 15, 2009 9:53 pm

Re: Yahoo Mail

Post by dallas77us »

Remember, OAuth2 needs to be re-authorized every 90 days.

Perhaps the option 3 would be more convenient.

TIP: once an option 3 is established, the password is for POP Peeper only. You'll still need your Yahoo account password to login to Yahoo to check your mail in a browser and whatever else you might do in Yahoo in the browser. So, don't forget that password...
"This time the Republic has gone too far." -Senator Amidala
User avatar
Sampei.Nihira
Posts: 13
Joined: Tue Sep 08, 2020 2:00 pm

Re: Yahoo Mail

Post by Sampei.Nihira »

dallas77us wrote: Sat Sep 19, 2020 6:17 pm Remember, OAuth2 needs to be re-authorized every 90 days.

Perhaps the option 3 would be more convenient.

TIP: once an option 3 is established, the password is for POP Peeper only. You'll still need your Yahoo account password to login to Yahoo to check your mail in a browser and whatever else you might do in Yahoo in the browser. So, don't forget that password...
https://help.yahoo.com/kb/new-mail-for- ... KiqlAsi-cf
If you use Yahoo two-step verification, Account Key or an older email app, you may need to use an app specific password to access Yahoo Mail. Just remember, app passwords are only valid for the app they are created for and remain valid until you sign out or remove access to the app. At that time, a new app password will need to be created.
If the password remains valid until you sign out doesn't seem like a convenient option.
User avatar
mjs
Moderator
Posts: 2216
Joined: Sun Jul 17, 2011 2:36 am

Re: Yahoo Mail

Post by mjs »

^ In the case of POP Peeper, the Yahoo app password remains functional until you "revoke" it (according to Yahoo, see details below).

To my knowledge this is what applies (specific to PP) for setting up an app password to authorize PP to use Yahoo Email: Generate and manage third-party app passwords.
.... To access your Yahoo Mail account on these apps, you'll need to generate and use an app password. An app password is a long, randomly generated code that gives a non-Yahoo app permission to access your Yahoo account. You’ll only need to provide this code once to sign in to your third-party email app.
The app password code is only needed one time to authorize PP to access Yahoo mail. And will remain in effect unless you "revoke" the app password (see link provided above for details). Note regarding the app password setup: at the stage where you "Select your app from the drop down menu" you would select "Other" and enter an identifier name that reflects PP in some way so that the generated app password can be identified if referenced at another time in your Yahoo account and continue on with the process of generating the app password (to be used exclusively in POP Peeper's Email Account Password field). Your regular Yahoo account password will continue to be used to access Yahoo accounts on-line using the web.

This is the case for most app passwords:
Notice for Google accounts by scrollling down to the line stating quote:
Tip: Most of the time, you’ll only have to enter an App Password once per app or device, so don’t worry about memorizing it.
And Notice for Microsoft accounts by scrolling down to the line stating quote:
Note Once you have created and entered an app password for a given app or device, you usually won't need to do it again.
As well as other Email Services (i.e. Fastmail and Currently.com to name a couple among others that I use an app password for as well -- that all work in the same manner -- that is to say the app password remains intact [functional] until revoked, removed or deleted [terms used to disable app access to the respective Email Service] depending upon the service.)
Good judgment comes from experience and a lot of that comes from bad judgment. - Will Rogers
User avatar
Francis17
Posts: 14
Joined: Tue Jul 03, 2018 12:14 am

Re: Yahoo Mail

Post by Francis17 »

So, exactly what changes with Yahoo mail are happening on October 20?

It used to be that any email client could access Yahoo mail using IMAP authentication, where the username+password for the email boxes was the same as for the Yahoo account in general.

1. Is the idea to require various passwords, each one unique for each of your email clients, which are all different from the main account password?
2. Is regular OAuth2 going away? Or is the new access method actually OAuth2 except Yahoo is just hiding the standard terminology / trying to brand the security feature as special to Yahoo?

Since for the next two weeks "all" access methods are working, it's very hard to tell whether the method in use right now is the method that is supposed to work after the change date. As in, logging in today via OAuth2 seems to accept either the main account password or the client-specific password. Further, authenticating with "normal password" seems to also work with either password. I know how to work all the auth methods in all the clients. The tutorials here and there (viewtopic.php?f=3&t=7494) are very useful in setting up the client-specific passwords on the Yahoo account, so thanks to LakersRool and team for that.

TL;DR: Shortcut to manage App passwords: https://login.yahoo.com/account/securit ... words/list
User avatar
Jeff
Admin / Developer
Posts: 9225
Joined: Sat Sep 08, 2001 9:46 pm

Re: Yahoo Mail

Post by Jeff »

Or is the new access method actually OAuth2 except Yahoo is just hiding the standard terminology / trying to brand the security feature as special to Yahoo?
Pretty much this. Google started this trend by using the term "less secure apps" and not referring to OAuth2, so it's nothing new. I'm having to censor myself out of a promise I made to myself, but I will tell you that I am not happy with the way that Verizon/AOL has handled this. :-#

If you go to the following page on Yahoo:
https://login.yahoo.com/account/security

And you see an option that allows "less secure apps" (or something similar), and it's currently enabled (ie. to *allow* less secure apps), then disabling it should tell you what you're using that needs to be updated. Just bear in mind, though, that once you change this setting in your Yahoo account, you won't be able to change it back; but this is presumably what will happen on Oct 20 anyway, so you can do it on your own time instead of being forced to update all your Yahoo/AOL accounts at once come Oct 20.
Post Reply