New features to keep your FastMail account even more secure

[gardenweed]

Quote:

Originally Posted by dgcom

Which makes that statement even stranger... Raises the question about the advice given in the post...

I just took it to mean that Fastmail won't remove any alternative logins during the period up to when they stop working at the end of 31-Aug.

After 31-Aug, they are of no use anyway - they won't work.

[Terry]

Quote:

Originally Posted by gardenweed

Fastmail have done this.

Fastmail sent an email on 22-July with info about Alternative Logins and saying clearly:

Also, Fastmail advised via their Blog that alternative logins will cease to work after 31-Aug (tomorrow).

Its the end of September now...

[gardenweed]

Quote:

Originally Posted by Terry

Its the end of September now...

I did note that you've said this before.
However I've received only one notice from FM, and that said 31-Aug.

[robn]

Quote:

Originally Posted by gardenweed

However I've received only one notice from FM, and that said 31-Aug.

31 August is the official end date. Some alt logins are going to keep working after that date, but we're going to be pretty aggressive about closing down unused ones and emailing people to remind them. 31 September is the absolute last day.

[dgcom]

Quote:

Originally Posted by robn

31 August is the official end date. Some alt logins are going to keep working after that date, but we're going to be pretty aggressive about closing down unused ones and emailing people to remind them. 31 September is the absolute last day.

And why wouldn't you post this info right away in post #251 ?

[robn]

Quote:

Originally Posted by dgcom

And why wouldn't you post this info right away in post #251 ?

Why would I? How is it relevant to the topic, which was the fact that altlogins are not automatically deleted when you set up 2FA or app passwords?

[dgcom]

I think, this is very relevant, since the post you are replying to talks about FastMail disabling alternative logins... but I digress...

[camner]

Am I correct that there is no need (and in fact is undesirable!) to keep a copy of the App Password that was used with a given imap client? If for any reason the account needs to be reestablished, I presume one just goes in to the web interface, kills the old App Password and then generates another.

Yes?

[JamesHenderson]

Quote:

Originally Posted by camner

Am I correct that there is no need (and in fact is undesirable!) to keep a copy of the App Password that was used with a given imap client? If for any reason the account needs to be reestablished, I presume one just goes in to the web interface, kills the old App Password and then generates another.

Yes?

Yes!

...but I am doing it a slightly different way, as I am using different clients for different things (mail, calendar, contacts), I have made a "device specific password" so using the same app specific password for all clients on that one device.

If I lose the device, removing that one password stops all clients on the device, ...but because of this, I am keeping the password in 1Password in case I change clients (as I do not want to have to change the password in all clients for the sake of changing one).

[John Denison]

Hi,

I went through my three devices and changed the fastmail email setting to the new ones last night. But today I've received the following email headed: You have just logged into our SMTP service with an alternative login. I checked the device again this morning and can't see anything wrong. Is there away of finding out what client is causing this error message?

gratefully yours,

John Denison

[JamesHenderson]

Quote:

Originally Posted by John Denison

Hi,

I went through my three devices and changed the fastmail email setting to the new ones last night. But today I've received the following email headed: You have just logged into our SMTP service with an alternative login. I checked the device again this morning and can't see anything wrong. Is there away of finding out what client is causing this error message?

gratefully yours,

John Denison

go to settings\passwords and security and then type in your master password at the top.

Scroll to the bottom of the page and there is a link called "alternative logins". If you have completely switched across to both imap.fastmail.com and smtp.fastmail.com, you should delete these alternative passwords and ionly use the app-specific password for both IMAP and SMTP.

[gardenweed]

Quote:

Originally Posted by John Denison

Hi,

I went through my three devices and changed the fastmail email setting to the new ones last night. But today I've received the following email headed: You have just logged into our SMTP service with an alternative login. I checked the device again this morning and can't see anything wrong. Is there away of finding out what client is causing this error message?

gratefully yours,

John Denison

I just received one of these messages also.
I was about to raise a ticket because as far as I know, I've changed all my logins to either 2FA or App specific passwords.

Also, in my case the message said

Quote:

You have just logged into our IMAP service with an alternative login.

I'm sure I have no IMAP logins, only 2FA for desktop web UI and App for my the FM App on my Android.

I'll investigate a bit further before raising a ticket.

[JamesHenderson]

Quote:

Originally Posted by gardenweed

...I'm sure I have no IMAP logins...

did you also change your SMTP (outgoing mail) to smtp.fastmail.com on port 465 (with SSL) and the new app-specific password?
did you also delete your alternative logins (assuming you have switched across for all devices)?

[edit: 2nd question added]

[gardenweed]

Quote:

Originally Posted by JamesHenderson

did you also change your SMTP (outgoing mail) to smtp.fastmail.com on port 465 (with SSL) and the new app-specific password?
did you also delete your alternative logins (assuming you have switched across for all devices)?

[edit: 2nd question added]

1) SMTP - On the one device that uses SMTP - my scanner - yes.
2) DELETION - I had not done so, but just having them there, ie their mere existence, should not have caused them to be used when I had already shifted to 2FA and App specific passwords. After I rec'd the message I did go and delete the Alt p/w's in the hope of catching where it might have been used - by seeing a failure. So far nothing.

[JamesHenderson]

Quote:

Originally Posted by gardenweed

1) SMTP - On the one device that uses SMTP - my scanner - yes.
2) DELETION - I had not done so, but just having them there, ie their mere existence, should not have caused them to be used when I had already shifted to 2FA and App specific passwords. After I rec'd the message I did go and delete the Alt p/w's in the hope of catching where it might have been used - by seeing a failure. So far nothing.

1) I may be being dim here, but how does a scanner use SMTP (or do you mean a scanning app then can then emails the scanned document)?

2) You are right, their existence would not have caused the issue, but I was trying to help you tidy up
a) however, your error is an SMTP error, so can you check that all your other (non scanning) devices have had their SMTP details removed? ...you will not be able to send emails from these devices.
b) can you confirm that your scanning device can send emails OK (so we know the app-specific password is OK etc)?

J.

[edit: (2b) added]