---

@JKnott wrote:

My understanding is that you can create on for each device or client, so it could be Outlook on notebook, Thunderbird on desktop etc.

 

---

It seems to be one for each device or client TYPE.... not each PHYSICAL device. IE:  an app-password for "Outlook on notebook" means putting the same app-pw on ALL outlooks on ALL notebooks which need access to that one email account.

Personally, I think that this whole thing will just result in way more passwords being written down on pieces of paper and/or saved in txt files and will result .... in practical terms ... in a whole lot LESS security rather than more.

...

I don't understand how Rogers determines when to send the "Important: You must update your Rogers email account settings." email.  I've now gotten this for each email account I have set up (which is about 5 email accounts). These, interestingly were trickled out to me over the course of a week (around one per day on average) instead of all at once.  I thought I was done, but now, today I get THE SAME EMAIL for an account that I've already received this email for last week.

Rogers, when can we expect that you STOP sending these warnings?  I've already set up all 5 of my accounts and I do not wish to have any further warnings about this sent to me.  Your system should be smart enough to tell whether someone has taken the advice and not spam the email accounts again and again.  Thanks.

---

@mf152 wrote:

I don't understand how Rogers determines when to send the "Important: You must update your Rogers email account settings." email.  I've now gotten this for each email account I have set up (which is about 5 email accounts). These, interestingly were trickled out to me over the course of a week (around one per day on average) instead of all at once.  I thought I was done, but now, today I get THE SAME EMAIL for an account that I've already received this email for last week.

 

Rogers, when can we expect that you STOP sending these warnings?  I've already set up all 5 of my accounts and I do not wish to have any further warnings about this sent to me.  Your system should be smart enough to tell whether someone has taken the advice and not spam the email accounts again and again.  Thanks.

---

I still haven't received any.

I think a bunch on this, was due to Yahoos quick change on them.
Well, it was needed.. but sort of like HERE YOU GO CHANGE NOW!

My wife didnt have much of a choice on her regular Yahoo account, went to log in via the yahoo app on her phone, forced to do the change over, change to a fingerprint or other method on the phone for authentication, etc.  At the same time enabled the 2 step on web login for that account, she needs to authorize it on the app on her phone to go into the webmail.

I hope to pray.. that the rumors that rogers might pull back to doing their own again without yahoo come true.

---

@Gdkitty wrote:

I hope to pray.. that the rumors that rogers might pull back to doing their own again without yahoo come true.

---

Me too, but for other reasons.  However, I expect other email providers will also move to this.  GMail also support OAuth2, though they still allow passwords.

There is an overall trend to tighten up email security, such as using SSL/TLS encryption, etc..  It's something that's long overdue.  Another thing we could use is easier access & use of X.509 certificates for end to end encryption and authenication.  It would be nice if every ISP or email provider could supply X.509 certificates to their customers/users.

---

@CJ12 wrote:
Secondly, when I sent a test email from my desktop computer, it only showed in the sent folder on my desktop computer, and not on my laptop, and vice versa. I don’t understand why doing this change would cause that.

---

That is a "feature" of POP.  If you want messages to appear on all devices, use IMAP.  It was designed to be used on multiple devices, POP wasn't.

---

@JKnott wrote:

---

@CJ12 wrote:
Secondly, when I sent a test email from my desktop computer, it only showed in the sent folder on my desktop computer, and not on my laptop, and vice versa. I don’t understand why doing this change would cause that.

---

That is a "feature" of POP.  If you want messages to appear on all devices, use IMAP.  It was designed to be used on multiple devices, POP wasn't.

 

---

Yes, you are right.  I was confused, because I thought I saw a message in my sent folder on the laptop that I had sent yesterday from the desktop.  But I was wrong.  It was a message with a similar subject line that I had sent a while back, apparently from the laptop.

Also, possibly confused by my wife's email on outlook.com that was set up as IMAP.

I received this notice as well, but have not made any changes.  My iphone, laptop and desktop email access still works fine.  I use Micrososft Outlook 2016 on the three devices and occassionally use the webmail.  Are there exceptions to this change ?  Does it depend on the generation of Outlook or device ?

Thanks.

Just a comment on using the same passkey on multiple email clients on different devices.

It would appear that Rogers has still not fully implemented the full requirements around individual passkeys.

I have out of curiousity, tried setting up a windows mail, thunderbird, and Pegasus client on same and different computers using a non-rogers yahoo email account (i.e., it is a true yahoo mail account with nothing to do with Rogers).

When I set those up, I tried using the same passkey, and it allowed me to set them up one time.  But after trying the different clients and computers a second time it advised me I was trying to use a one time use passkey - it only worked on the first device I used it on.  I had to create a seperate one for each device ultimately.

So if Rogers is laying their slightly different model of the Yahoo model (i.e., on Yahoo, you can turn it all off, you can use 2 stage authentication, Rogers takes you to the member portal and provides no access to the full Yahoo security options), I suspect that we will eventually see it that we need one passkey for each one.

So for example - Outlook on Lenovo, Outlook on gateway, Pegasus on something else, etc.  So I suspect that even though you can carry over the same passkey across all email clients right now, eventually you may not be able to.

The other thing I haven't checked, is that last week when I tried, I could actually skip the passkey totally and use my existing Rogers email login password, which if the passkey feature was turned on, it should not be possible.  It is not possible with a pure Yahoo account anymore.

And the fact that people can still operate while still doing nothing at all, means that the full feature security restrictions have not been turned on as a requirement.  You can set it up right now with one passkey, multiple passkeys, your existing password, and they all work.  If it is like Yahoo security once turned on, you won't be able to use the existing password key and will have to create one for each outlook or whatever client is on each computer.

But we won't know until it is fully turned on.  This was discussed very early in the thread that rogers had confirmed that it had not been turned on and they did not have a drop dead date yet.

I know the thread is long, so thought I would bring it back up again, the above issues.

But I will say as I did then, we won't really know exactly how it works and any issues until they do turn it on.  It would appear from my test of a yahoo account though that when they do turn it on, we will need a separate passkey on each device/client.  That is just my best guess based upon what we have been told to date, and my own testing with the Rogers/Yahoo email accounts I have, and a separate Yahoo email.

At the end of the day, it doesn't really matter to me anyway - I switched all my email to gmail about a year ago, and I do get the occassional email in my rogers yahoo email, but I immediately change it.  I also have my Rogers email set up to forward to my gmail, so I don't even open my yahoo account anymore.

I want nothing to do with anything Yahoo.

Bruce

Yes, indeed.  I received another email notification this afternoon.

---

@RichardF wrote:
You're assuming there will be another communication....

Joking aside, does anyone know what sort of feedback Rogers has been getting?

---

I have yet to receive any email about this.

I got two more emails last evening...both in red!   so I guess it is getting close.

I read the whole thread and skimmed most of the links and I admit I just don't see the point of the whole business. All it gets me is a 16 character password with no capitals, number or special characters  that somewhere is somehow associated with the particular mail app I use. 

So I have these new passwords written down(!) and until my email stops working I will just ignore the whole thing.

I wouldn't wait until your email stops working.  I went through the procedure yesterday late afternoon.  I obtained the App Password for Microsoft Outlook and used it to update my Desktop and laptop (Mac Book Pro) that are running Outlook.  Also revised my password on my iPhone.  It all took minutes and are working ok.

I do have a few questions though:

1. How is this change supposed to prevent future hacks ? 

2. You now have one password for checking email using the webmail and  different ones that are application   specific - all pointing to the same mailbox.  Why is there so much concern with applications and not the webmail ?

Thanks.

the webpage at http://www.rogers.com/web/support/internet/email/442 has App password update settings procedures for multiple email clients. Please provide step-by-step procedure specifically for MS Outlook for Mac 2011. App password for account at this client has already been obtained about 10 days ago. Thank you.

Hi Corey

I'd just like to clarify your last comment.  I have several @rogers.com email addresses, but I only ever access those accounts from my desktop using Windows Live Mail. I use a gmail account across all other devices. In this case I'm creating a single app password and using it for all my @rogers emails. Is that correct?

Thank you!