Adding outlook account via app password fails
-
I am adding Outlook.com account by standard flow and it fails. I am using an Outlook sign in the adding window, not doing it by manual way, so all the parameters are default
Of course I verified my app password three times, it is correct. I even recreated it again and the same result, login failed. Any suggestions what is wrong?
The mail log is empty. -
@astero and you have port 993 for the incoming server?
-
@gmg said in Adding outlook account via app password fails:
@astero and you have port 993 for the incoming server?
correct. As I said I use default parameters populated by add wizard, by default it is 993
-
Do you have two factor authentication? In that case you're going to have to just use the OAuth (by just typing in your email or check the OAuth box there in the manual setup) or an app password
-
@gmg said in Adding outlook account via app password fails:
Do you have two factor authentication?
yes, I have OTP app authentication. Your mail client doesn't support 2FA with app passwords?
-
@astero
You can create an app password (different from regular one, follow link above) if you'd rather use thatOtherwise just use OAuth (the pop up dialog) with regular password (check the OAuth checkbox if you're doing it manually or just type in your account and click continue will bring up the OAuth dialog)
-
@gmg said in Adding outlook account via app password fails:
follow link above
so I created the app password by that link you provided, it is located in this account section: https://account.live.com/proofs/AppPassword?uaid=0000000000000000000000000
this doesn't work, I receive this exact error i put in the very first message: LOGIN failed
-
Consider enabling Settings > Mail > Turn on SMTP Logs in Console.
If status bar is not visible press
Ctrl+Shift+Sto toggle its visibility.Repeat the failed authentication process and select the envelope icon shown in status bar, then the gear cog icon, and View Log as highlighted in following screenshot:
In DevTools window select Console tab and review logged content for possible more detailed message for cause of issue. -
enabled both imap and smtp logs, even restarted the browser, the console is empty
Looks like the log starts to capture events only for added accounts, but not for "set up in progress".
-
Sorry, my mistake. I tried with a new profile and found once SMTP logging was enabled I had to press
Ctrl+Shift+Jto access DevTools and then the Console tab after failed login, as shown below:
-
@yojimbo274064400 when I press Ctrl-Shift-J on settings windows after the error nothing happens, only when I press Ctrl-Shift-J on main Vivaldi window the DevTools opens and it is still empty.
Only when I enable verbose log level it shows something, but this smth is irrelevant to the error
By the way, sometimes I get this error if I press login button multiple times
this looks like Outlook server throttling preventing bruteforce attempts
-
Sorry to read that; not sure why when accessing the console from a mail component you see messages associated with browser.
Consider setting up the account in another email client to confirm if the issue is specific to Vivaldi or not.
-
AFAICS…
- issue of App Password not working is not specific to Vivaldi
- Thunderbird application and curl command also failed to successfully login using App Password
- curl's resulting (verbose) output shows this error:
< 535 5.7.139 Authentication unsuccessful, basic authentication is disabled. [ r e d a c t e d ] -
@astero said in Adding outlook account via app password fails:
@gmg said in Adding outlook account via app password fails:
Do you have two factor authentication?
yes, I have OTP app authentication. Your mail client doesn't support 2FA with app passwords?
OAuth is supported by Vivaldi. When prompted to Pick Authentication Type select Use OAuth:
Enter the account's password:
then the OTP code
hopefully resulting in sucesscul verification:
-
@yojimbo274064400 said in Adding outlook account via app password fails:
OAuth is supported by Vivaldi
here in my thread I described why Vivaldi's implementation of OAuth is not safe https://forum.vivaldi.net/topic/103413/vb-111328-oauth-session-is-shared-between-browser-tabs-and-mail-client-security-bug-report-response?_=1732767096916
So I am not going to use it.
-
@astero
It's not a security issue, but it can be a privacy one, so if you're worried about signing in to services in tabs too then it's easy to set up your email in a separate user profile
https://help.vivaldi.com/mail/mail-advanced/use-mail-calendar-and-feeds-in-a-separate-user-profile/ -
@gmg said in Adding outlook account via app password fails:
It's not a security issue
it is definitely a security issue. Not admitting the vulnerability does not make it safer or less dangerous, it is just makes you look like an ostrich buying you head in the sand
-
I know you really want it to be security related, but it is not a security issue. You have not described anything that relates to security. Not in any way. It does not fit the classification of "security" by any relevant definition, no matter how much you might want it to be. You have been told this several times, and several knowledgeable members of security staff have tried to correct your misunderstandings. Repeating yourself in multiple forum threads and bug tracking systems does not alter that fact, and is likely to mean that your feedback gets ignored. Rather than repeating incorrect information, you would be better off engaging in productive discussions saying that you would like the behaviour of the mail client to be different, without mentioning security; those might actually get some positive attention.
As we have already mentioned, if you think the chrome.identity Extension API should work in a different way, you need to discuss that with the Chromium project, since it is implemented as part of that project. You might have a chance to persuade them to change it if you actually discuss it with them, but you will have no influence on them at all if you discuss it here.
