As of November 25, 2021, Google is going to be forcing all users to set up and use Two-Step Verification. (2FA or Multi-Factor Authentication)
This will impact any GMail skins in Rainmeter you might be using.
What you need to do:
1) In your browser, go to your Google Account Settings and select Security from the navigation bar on the left.
2) Under Signing into Google, select App Passwords.
3) Under Select the app and device you want to generate the app password for, choose Select App.
4) Enter some custom name, likely just Rainmeter, and click on Generate.
5) Copy the new password that is generated.
6) Use this new password in the WebParser URL for your skin.
URL=https://#GMailID#:#GMailPassword#@mail.google.com/gmail/feed/atom/
This has no impact on the password you use to sign into Google in your browser or on any of your devices, just Rainmeter, where it can't react to or provide any Two-Step Verification code that is sent to your phone.
While this will not be "forced" until November 25, I recommend just turning on Two-Step Verification now, and get this app password set up for Rainmeter, so you have time to deal with it before it jumps on you.
If you are distributing skins that access GMail, I strongly recommend that you include some form of these instructions for your end-users.
It is currently October 14th, 2024, 8:54 pm
⭐ Google is turning on Two-Step Verification for ALL
-
- Developer
- Posts: 22856
- Joined: April 19th, 2009, 11:02 pm
- Location: Fort Hunt, Virginia, USA
-
- Posts: 353
- Joined: September 3rd, 2018, 11:18 am
⭐ Google is turning on Two-Step Verification for ALL
Mind if I share another still-not-secured-because-important-data-is-in-plaintext method of doing this?
I tried to help someone with 2FA to connect to their Gmail using browser cookies because #GMailID#:#GMailPassword# HTTP authentication just straight up didn't work, we eventually discovered that works and also funny enough, the only reason the cookie header works is because of the previous NoCookie flag.
Only downside to this is that the cookie header is connected to session, so if you log out of your Google account by accident, you'll need to grab the new cookie again (well, for some crazy privacy people this may be an upside). Hope this Application password thing is permanent.
I tried to help someone with 2FA to connect to their Gmail using browser cookies because #GMailID#:#GMailPassword# HTTP authentication just straight up didn't work, we eventually discovered that
Code: Select all
[MeasureWeb]
Measure=WebParser
URL=https://mail.google.com/mail/u/0/feed/atom
Flags=Resync | NoCookies
Header="cookie: #GMailCookie#"
; GMailCookie variable is the "cookie" header from the very first request headers, the request named "atom"
; found by accessing the Dev Console > going to Network Tab > Refreshing the Page
Only downside to this is that the cookie header is connected to session, so if you log out of your Google account by accident, you'll need to grab the new cookie again (well, for some crazy privacy people this may be an upside). Hope this Application password thing is permanent.
-
- Developer
- Posts: 22856
- Joined: April 19th, 2009, 11:02 pm
- Location: Fort Hunt, Virginia, USA
⭐ Google is turning on Two-Step Verification for ALL
Do we know what causes the failure of the https:// authentication to fail for that user? Is there some additional security setting in Google that disables HTTP authentication from the URL? It certainly works for me. I just replaced my regular password with that generated app password in my URL option in WebParser, and Bob's Your Uncle...Jeff wrote: ↑November 19th, 2021, 5:45 pm Mind if I share another still-not-secured-because-important-data-is-in-plaintext method of doing this?
I tried to help someone with 2FA to connect to their Gmail using browser cookies because #GMailID#:#GMailPassword# HTTP authentication just straight up didn't work, we eventually discovered thatworks and also funny enough, the only reason the cookie header works is because of the previous NoCookie flag.Code: Select all
[MeasureWeb] Measure=WebParser URL=https://mail.google.com/mail/u/0/feed/atom Flags=Resync | NoCookies Header="cookie: #GMailCookie#" ; GMailCookie variable is the "cookie" header from the very first request headers, the request named "atom" ; found by accessing the Dev Console > going to Network Tab > Refreshing the Page
Only downside to this is that the cookie header is connected to session, so if you log out of your Google account by accident, you'll need to grab the new cookie again (well, for some crazy privacy people this may be an upside). Hope this Application password thing is permanent.
I use a measure like this to read the inbox:
Code: Select all
[MeasureMail]
Measure=WebParser
Flags=Resync | NoCookies
URL=https://#GMailID#:#GMailPassword#@mail.google.com/gmail/feed/atom/
RegExp="(?siU)(.*)$"
UpdateRate=120
DecodeCharacterReference=1
And I use this to go to the inbox in my browser when I click on the skin:
LeftMouseUpAction=["https://mail.google.com/mail/u/0/?tab=cm#inbox"]
In that case, you do want cookies involved.
-
- Rainmeter Sage
- Posts: 16658
- Joined: October 11th, 2010, 6:27 pm
- Location: Gheorgheni, Romania
Re: ⭐ Google is turning on Two-Step Verification for ALL
The above description isn't working anymore as has been described, I think. It seems Google has changed something on how the accounts are treated and how can we grant access Rainmeter to check the emails. Is there any way now how I can add a new Gmail account to a skin, to do the email check?jsmorley wrote: ↑November 19th, 2021, 12:48 pm As of November 25, 2021, Google is going to be forcing all users to set up and use Two-Step Verification. (2FA or Multi-Factor Authentication)
This will impact any GMail skins in Rainmeter you might be using.
What you need to do:
1) In your browser, go to your Google Account Settings and select Security from the navigation bar on the left.
2) Under Signing into Google, select App Passwords.
3) Under Select the app and device you want to generate the app password for, choose Select App.
4) Enter some custom name, likely just Rainmeter, and click on Generate.
5) Copy the new password that is generated.
6) Use this new password in the WebParser URL for your skin.
URL=https://#GMailID#:#GMailPassword#@mail.google.com/gmail/feed/atom/
This has no impact on the password you use to sign into Google in your browser or on any of your devices, just Rainmeter, where it can't react to or provide any Two-Step Verification code that is sent to your phone.
While this will not be "forced" until November 25, I recommend just turning on Two-Step Verification now, and get this app password set up for Rainmeter, so you have time to deal with it before it jumps on you.
If you are distributing skins that access GMail, I strongly recommend that you include some form of these instructions for your end-users.
Thanks for any hint.
-
- Posts: 90
- Joined: March 18th, 2013, 1:59 pm
Re: ⭐ Google is turning on Two-Step Verification for ALL
Mine's still working just fine, are you sure something wasn't reset at the account level? Should be able to see it listed app list.
-
- Rainmeter Sage
- Posts: 16658
- Joined: October 11th, 2010, 6:27 pm
- Location: Gheorgheni, Romania
Re: ⭐ Google is turning on Two-Step Verification for ALL
Thank you for checking.
In meantime I found how to do it, even if this is not corresponding entirely to jsmorley's description. I assume either in meantime something has been updated by Google, or I have some additional settings (I have a Passkeys element which seems annoying to me right now, but I assume I might be little bit suspicious about this, most probably important, setting).
So, here is what I did to create the password, if anyone is interested:
- In my browser, went to my Google Account Settings and selected Security from the navigation bar on the left.
- Under How to sign in to Google, clicked to the first box: 2-Step Verification.
- Signed in to the account, using either the password, or any other signing in method (there are many, I think doesn't matter which one do I use - however I'm not entirely sure this is so).
- On the opening panel clicked to the arrow on the right side of the App passwords element, which is placed on the lower part of the site.
- Entered a custom name (obviously Rainmeter in my case), and clicked on the Create button.
- Finally I used the generated password, as described above by jsmorley.
-
- Rainmeter Sage
- Posts: 8465
- Joined: February 27th, 2015, 2:38 pm
- Location: Terra Yincognita
Re: ⭐ Google is turning on Two-Step Verification for ALL
There you go (I don't use such techniques yet in my skins, so I wouldn't know):
https://forum.rainmeter.net/viewtopic.php?p=218369#p218367
Apparently, it does happen to others, so you might be on to something here...
-
- Rainmeter Sage
- Posts: 16658
- Joined: October 11th, 2010, 6:27 pm
- Location: Gheorgheni, Romania
Re: ⭐ Google is turning on Two-Step Verification for ALL
To be honest, even if almost no one reported this lately, excepting the user you linked, I'd be extremely surprised if only me would have this problem.Yincognito wrote: ↑September 27th, 2023, 11:01 am Apparently, it does happen to others, so you might be on to something here...
But who knows...
-
- Posts: 8
- Joined: September 27th, 2023, 10:08 am
Re: ⭐ Google is turning on Two-Step Verification for ALL
Thank you very much!Yincognito wrote: ↑September 27th, 2023, 11:01 am There you go (I don't use such techniques yet in my skins, so I wouldn't know):
https://forum.rainmeter.net/viewtopic.php?p=218369#p218367
Apparently, it does happen to others, so you might be on to something here...
-
- Posts: 8
- Joined: September 27th, 2023, 10:08 am
Re: ⭐ Google is turning on Two-Step Verification for ALL
Thank you very much!
Your solution made it! But only the one I circled in the picture works. The other two are email request icons, you don't get information about gmail...