[arohner]

Is there any Emacs-based solution to access a GMail account with 2FA, without enabling "insecure access" on Gmail?

I've looked at a lot of solutions, and AFAICT:

- SMTP + app-based passwords require "insecure access" being enabled

-Using the GMail HTTP API does not require insecure access, but none of the standard CLI email tools support it.

[geofft]

Can you use XOAUTH2? https://developers.google.com/gmail/imap/xoauth2-protocol

offlineimap supports it, and the config file has setup instructions: https://github.com/OfflineIMAP/offlineimap/blob/master/offli...

[Jim_Heckler]

As far as I can tell, when 2FA is enabled app passwords are the only non-2FA way to use your account. I have an app password in my .authinfo.gpg that I use for authorizing offlineimap and SMTP through Emacs. Obviously this isn't as secure as 2FA, but since the password is PGP encrypted I don't worry about it ever being comprised.

[Allaman]

Just looked at my account. There is no option for insecure access when you activate 2FA.

From https://myaccount.google.com/lesssecureapps

"This setting is not available for accounts with 2-step verification enabled. Such accounts require an app-specific password to access less secure apps"

[peterbecich]

It may be possible with Thunderbird and Maildir. There is an issue: https://emacs.stackexchange.com/questions/38412/read-and-edi...

[kuwze]

I'm going to break the HN code of ethics (oh gosh) and explicitly bump this. All of the solutions I have found just point at the insecure access option.