996Outpost.com

Is that a good thing?(gmail)

gnat wrote: ↑Thu Aug 01, 2019 5:18 pm

Huh? or Hell No!

Traditionally, TLS Client Authentication has been considered the alternative to bearer tokens (passwords and cookies) for web authentication. In TLS Client Authentication, the client (browser) uses a certificate to authenticate itself during the TLS handshake.

Transport Layer Security (TLS) is the successor protocol to SSL. TLS is an improved version of SSL. It works in much the same way as the SSL, using encryption to protect the transfer of data and information. ... When you buy an 'SSL' certificate from Symantec, you can of course use it with both SSL and TLS protocols.

Yeah I know what TLS/SSL certs are. I don't know what you are trying to ask though.

gnat wrote: ↑Thu Aug 01, 2019 6:08 pm Yeah I know what TLS/SSL certs are. I don't know what you are trying to ask though.

I set up a gmail account for my wife and it automatically defaulted to TLS rather than password protect. Good or bad?

Hmmm... No idea what you are talking about still. I don't see any docs on mTLS for authentication and I just tried setting up another account and it didn't offer such a thing.

Generally speaking, however, I would not suggest mTLS auth for a normal user. There is a not insignificant cost involved for a long lived (year) cert and changing it is a PITA when the time comes and especially painful if you need to change it suddenly (like you can no longer trust you have the only copy of the key). It can also be a pain to get it on and used by different devices.

gnat wrote: ↑Thu Aug 01, 2019 8:39 pm Hmmm... No idea what you are talking about still. I don't see any docs on mTLS for authentication and I just tried setting up another account and it didn't offer such a thing.

Generally speaking, however, I would not suggest mTLS auth for a normal user. There is a not insignificant cost involved for a long lived (year) cert and changing it is a PITA when the time comes and especially painful if you need to change it suddenly (like you can no longer trust you have the only copy of the key). It can also be a pain to get it on and used by different devices.

Ok...here's how it went down. I setup a gmail account for the wife on my MacBook Pro. Everything went and is fine. On urging from you guys I have gone through and changed all of my passwords just to keep security frosty. When I went to change the gmail password by doing "mail-preferences-accounts-gmail-advanced. In the box for Authentication it showed "External (TLS client Certificate)". When I setup the account I'm sure it requested a password as I have one documented. If I click the dropdown behind this box the options are Password, Kerberos version 5, NTLM, MD5 Challenge-Response and the TLS option. Just wondering should I leave it alone or change it to password?

EDIT: I HATE computers!

32wildbilly wrote: ↑Fri Aug 02, 2019 5:04 am mail-preferences-accounts-gmail-advanced

"mail" as in the Mail application on your computer?

If so, that is just talking about how the application communicates with GMail. Don't mess with that. Next time you go to send/receive mail it should recognize that it doesn't have the correct password and prompt you for it.

gnat wrote: ↑Fri Aug 02, 2019 7:24 am

32wildbilly wrote: ↑Fri Aug 02, 2019 5:04 am mail-preferences-accounts-gmail-advanced

"mail" as in the Mail application on your computer?

If so, that is just talking about how the application communicates with GMail. Don't mess with that. Next time you go to send/receive mail it should recognize that it doesn't have the correct password and prompt you for it.

Yes mail as in the mail application on my Mac. gmail has never asked for a password when using...ever. If I shouldn't mess with that box where/how do I change the pass word for gmail? Sorry computer illiterate here.

Sooooo old