I’ve updated to 6.0.22313.0 and have been seeing the new Google authentication window every time I open the app. That’s frustrating enough by itself – not sure why I need to redo my two-factor authentication literally every time I reboot my computer – but it is basically unusable due to the fact that the authentication window won’t let me use the clipboard.
I use a password manager. I am accustomed to either copy/pasting my generated password into the password field, or using the manager’s auto-type feature. Neither of them works properly with this new authentication window. This is, for me, a deal-breaker – I won’t be able to continue using EM Client if I have to do a big multi-step workaround every time I launch the application.
Is this something that is going to be fixed? I’m sure it’s not *that* uncommon for someone to use a password manager for their Gmail password.
Thanks for reading.+
Hello, Google has changed it’s authentication option, it is no longer possible to authenticate with your mail server using the regular password as you were used to, instead Google has adopted a new technology called OAuth, which calls a browser window and authenticates with your account using a special token sent to eM Client through this authentication window. This token is then stored within the application’s settings and used for authenticating with your mail server. It’s actually a much safer method to allow access and share data with 3rd party applications as eM Client is.
Unfortunately it is not currently possible to copy and paste data out of the authentication window for security purposes, but we’re working on improving this in future releases of eM Client, but unfortunately it is no longer possible to authenticate using the regular password authentication as you were used to.
Hope this helps.
Hi Paul,
Thank you for taking the time to answer. I understand that EM Client needed to switch to OAuth in order to keep connecting to Google’s servers.
My concerns are these two:
-
EM Client has asked me for new OAuth authentication almost every single time I open EM Client, including the password and two-factor identification check. Is this normal? If not, how often should it OAuth be asking me to sign in again? I have two computers that I use EM Client on.
-
The lack of clipboard in the OAuth login window. You say that there is no copy/paste in that window for “security purposes”, but I don’t understand what those security purposes could be. Is copy/paste disabled in OAuth because Google demands it be that way, or is this because of EM Client’s implementation? I personally feel that a lack of clipboard makes the window less secure, because it discourages the use of password managers, which in turn means that it’s encouraging the use of memorizable, easy-to-type passwords which tend to be short and commonly found on password lists.
Thanks,
Hello Albert, we’re reviewing what is causing this problem, we’ve discovered the authentication window is different for different browsers, e.g. a webkit window and IE window (that eM Client is using), we’re not sure if the clipboard isn’t disabled for security reasons with IE’s browser windows only, but hopefully we’ll be able to resolve the problem in an update soon.
If you have the two step verification enabled, you should go through the standard OAuth authentication process with an additional step to authenticate with your phone - the second step, this should increase the security and is based on your Google account settings online.