cancel
Showing results for 
Search instead for 
Did you mean: 

You must update your Rogers email account settings

57
Resident Expert
Resident Expert

I got an e-mail on one of my e-mail accounts this morning. Interestingly I only got it on one of our accounts, not the other three accounts that my wife and I have.

 

At first I thought it was phishing, but it appears that people who use certain e-mail clients (like Outlook) will have to reconfigure those clients for a "new password" (app password).  Webmail  doesn't appear to require the change. 

 

The e-mail states:

 

Important: You must update your Rogers email account settings.
 
Protecting your data is as important to us as it is to you. Rogers is making several security upgrades and implementing a new authentication system to further protect you and your data.
 
Rogers requires you to update your email settings to continue using your email account.
 
It only takes a few minutes of your time to ensure you have uninterrupted access to your email.

 

There is a link as follows indicating the people who need to do this, as well as instructions on how to do it:

 

http://www.rogers.com/web/support/internet/email/442

 

Please excuse me if this is discussed elsewhere. I did try searching and didn't find a thread on this specific topic.

 

***EDITED LABELS***



325 REPLIES 325

Re: You must update your Rogers email account settings

timlocke
I Plan to Stick Around

So, just for fun I reinstated the 'Leave messages on server'  and, to be sure, rebooted the PC, sent myself some messages for Gmail and Lo and Behold it is working.   I'll leave it that way until the next time.

Re: You must update your Rogers email account settings

jbraver
I Plan to Stick Around

With help from tech support updated my Outlook 2007 on PC with new generated password - worked fine.  Then, without warning the Outlook Mobile App on my Galaxy 6 started asking for a password.  Neither my original password, the generated password for my PC or the generated password for the Mobile App worked.  (Instructions clearly say no chane needed for Outlook Mobile App as part of this process.)

 

Call tech support and neded to be escalated to 2nd tier where Kav spent 88 minutes with me.  We could not get Oulook Mobile to let me log in.  Set up Yahoo Mobile App, reset passwords and ultimately ended up right back with my original password on both PC and phone and botth worked but Yahoo App is full of annoying ads.

 

Just for laughs I reinstalled Outlook Mobile and it works perfectly with my (reset) original password.

 

Total time spent on both upgrades - 2-1/2 hours!  Went around in a complete circle and everything is right back to where I started.  Did this improve my security???

 

Waiting for a callback from management HA HA HA  

Re: You must update your Rogers email account settings

RichardF
I Plan to Stick Around

At the risk of thread drift....   some new things I have been seeing recently (last two or three weeks and a lot more the last couple of days). with Rogers / Yahoo mail that I'm wondering if they are side effects of this switch over 

 

- desktop web mail...  a message very slow to load / times out with retry box

- desktop web mail, "sending" box w spinning wheel stays long after a msg is sent 

- iOS mail "cannot get mail", but it's ok after a few seconds (pretty sure connection is fine, I've had no web issues at all outside of these mail issues)

- iOS similar on send, message goes to outbox, sends a few seconds later

 

any thoughts?

 

 

 

Re: You must update your Rogers email account settings

57
Resident Expert
Resident Expert

@RichardF:

 

I'm seeing similar things in Outlook for Mac 2011.  In the previous 20 years or so, I have seen these glitches perhaps once or twice a year.  They are currently much more frequent.

 

- Instead of sending, occasionally the outgoing message has an issue and stays in my "outbox".  I may get a popup asking for my password, but I know that doesn't help based on past experience, so I cancel out of that popup and simply go into my Outlook outbox, open the message, try sending again, and it works fine the second time.

 

- When I open Outlook it's supposed to automatically download my e-mails, however, sometimes it says something like "waiting for messages" and "sticks" there.  After a while, sometimes the messages download, sometimes not.

 

- I've also had some older messages that were downloaded months ago turn up again in my Outlook inbox.  For this reason I always keep my Webmail inbox fairly empty to avoid downloading many e-mails that I've already seen.  I do this by filing the messages in Webmail folders that will not download again, or by deleting the message in Webmail (or via that option in Outlook).  I always keep one e-mail in my Webmail inbox to avoid seeing the spam video.

 

I put these issues down to glitches in the system as they're making these changes.  I have not yet made the recommended changes to passwords as I"m waiting for things to get ironed out first.



Re: You must update your Rogers email account settings

RichardF
I Plan to Stick Around

My guess is the authentication process is getting hammered.  But just a guess.   Hopefully it stabilises.

Re: You must update your Rogers email account settings

leephillips
I've Been Here Awhile

so what do I do. update my email password? how do I get my rogers email account working

Re: You must update your Rogers email account settings

leephillips
I've Been Here Awhile

how do I update my email account?

Re: You must update your Rogers email account settings

So now after all has been done re updating my 8 email passwords for POP3....

 

All working fine as POPs.

 

When I tried logging on to webmail, I get a message along the line of "do you want to permit this computer to access this email" or some such.   I said "sure".   I log on with the "original" webmail password and I get in.

A day later, I try that with ANOTHER of my 8 accounts.  I am requested to "add" this account, and I get in BUT....

... when I get in, the 2nd email does not have the "account information" button under the login name.  ONLY ONE of the accounts "authorized" from this computer has that button, while the others DO NOT.

 

So how am I supposed to change the webmail password, and/or generate new "device passwords", since I cant get in to that part of the account???



Re: You must update your Rogers email account settings

User14
I'm a Trusted Contributor

@57 wrote:

I got an e-mail on one of my e-mail accounts this morning. Interestingly I only got it on one of our accounts, not the other three accounts that my wife and I have.

 

At first I thought it was phishing, but it appears that people who use certain e-mail clients (like Outlook) will have to reconfigure those clients for a "new password" (app password).  Webmail  doesn't appear to require the change. 

 

Please excuse me if this is discussed elsewhere. I did try searching and didn't find a thread on this specific topic.

 

***EDITED LABELS***


@57 Here is a better link for instructions: How-To-Updating-your-Rogers-Yahoo-Email-Settings

I tried your link but it didn't lead me anywhere.  People can log in to rogersmembercentre.com

for their "new" App password using their email and "old" password. 

 

I have also read the posts and I have a lot of empathy for Rogers customers especially those who are not tech savy. The instructions are terrible.  I wonder who is in charge at Rogers at times.  I have sold my stock in this company. Smiley Wink

 

For @RichardF  I don't use Rogers email, but my wife uses it with Outlook. I set it up for her and posted some help on an IMAP settings thread. IMAP-Settings   She now gets a pop-up with her email and password each time she sends an email. She clicks ok and it goes.  Do you have this issue with Outlook and Rogers email? I may have missed a box in the settings.

 

For @timlocke@   It looks like Bruce (@BS) has left the group, but he is correct about poor implementation and poor communication by Rogers. Unfortunately support is geared up to get you out of  the queue quickly without listening to your problems or symptoms.  I find they jump to conclusions too quickly and often say the wrong thing.   There may be a lot of pages here, but information for a quick solution is very hard to find. It is a time waster for sure, but @BS helped me a lot when I first got here and there are REs (resident experts) willing to help.   

 

 

Re: You must update your Rogers email account settings

jbraver
I Plan to Stick Around
I spent hours on this fiasco. In the end it escalated to the office of the president yet they never bothered sending out an email acknowledging how badly they mismanaged it. They obviously believe this is a customer problem not Rogers. I was compensated for my time and aggravation and recommend that more people who have problems should insist on having it escalated. I did find one tech support person, Kav, who actually spent 90 minutes on the phone until my issues were resolved. The person in charge of this project should be fired.

Re: You must update your Rogers email account settings

User14
I'm a Trusted Contributor

 


@leephillips wrote:

how do I update my email account?


@leephillips

 

Note that No changes are required if you only check your email using Rogers Yahoo! Webmail

ie. If you are logging into Rogers email through Yahoo or another browser, just use your old password.

 

Assuming you are using an app like Outlook to get all your various emails, try this site for instructions:

 How-To-Updating-your-Rogers-Yahoo-Email-Settings

Remember it is really two Steps

1. using the Rogersmembercentre to get your 16 character password for each email, then

2. using the setup instructions for whatever email you are using with the generated password. 

 

This isn't the best approach as others have said on this thread, but what can you do. It's Rogers!

Good luck. 

 

 

 

Re: You must update your Rogers email account settings

User14
I'm a Trusted Contributor

@RogersRoland

 

I have followed the instruction you posted for MS Outlook, but my wife now gets this pop-up when she sends a message.  Before I contact anyone else, can you answer a few questions:  

 

Rogers Sent Server.png

 

You indicate in the instructions below that you can put the app password in the Outgoing server settings and I tried that but she still gets the pop-up. In the instruction below, you also say  enter it in your Outbound Email Server settings only.

 

1. Does that mean you DO NOT put the App pwd in the logon information setting section for Outlook?

2. Also is smtp.broadband.rogers.com  still the right server name to use?

3. I assume the Outgoing Server port number is still 465. Is it?

 

Thanks

 

How do I update my settings to use the App Password?

The instructions below will help you update your password with the App Password for the most common email clients. If you need help with a client that’s not in the list, the software manufacturer will best be able to assist you with this.

Note: These instructions are intended for Rogers Yahoo! email users only. If you use a Rogers Yahoo! account to send email from a non-Rogers Yahoo! address, we recommend that you reach out to your other provider. Most have now updated their servers so that this is no longer necessary. If they are unable to help, you can still create an App Password, however enter it in your Outbound Email Server settings only.


Outlook 2010/2013/2016

  1. Click File.
  2. Click Account Settings twice.
  3. Select your Rogers email account and then click Change.
  4. In the Logon Information section:
    • User Name should be your full @rogers.com email address.
    • Password - enter or copy/paste the App Password you generated above for Outlook. Ensure the Remember Password option is checked.
  5. Click Next.
  6. Click Finish.
  7. Click Close.

Re: You must update your Rogers email account settings

SheamusPatt
I Plan to Stick Around

A couple of questions

- When you put the application password in the Outlook dialog you've shown here, did it work? (Ie did the mail then get sent successfully)?

- Did you also check the "Save password in your password list" box? If you don't then it won't save the password, and you'll have to enter it (or another new application password) the next time. If you do check the box to save the password, though, it should save it and you won't need to enter it in future.

Hope this is helpful.

Re: You must update your Rogers email account settings

BS
I'm a Senior Advisor

@jbraver  The last thing I ever expect from Rogers anymore is an acknowledgement of how poorly they may have implemented an change but at least you did finally get a responsible tech who would spend the time to work you through it.  My brother in law spent 5 days working with tech support before they finally got everything resolved.

 

Keep in mind that their family has many people who can guide them like myself, and their son who supports email systems for small business, doctor's and dentist offices, as well as business equipment and so forth.  He absolutely will not put any of his customers on Yahoo, period.

 

And I refused to help because number one, each person's issue is somewhat unique, and I am doing being a fill in for Rogers - I do it on the forum, but not for friends and family, and I provide it for the forum by making tech support me until I understand it enough and have tested at length to get it right and then try to communicate it, which I must say has not been the easiest thing to do with all the distracting communication about new protocols, and other things that raise questions, and just interfere with dealing with the steps provided.

 

I am glad they compensated you for your time and that you used the escalation process - escalation in my mind is also for "waste" of our time due to poor support - it is all part of customer service quality.  In away, that is an unspoken message that they were wrong and accept responsibility, but I wouldn't go looking for them to admit they did it poorly.

 

As for the issue of feeling like it is dumped on us as customers and it is our problem - I feel that comes from the responses to us - "did you follow the instructions?", try it again and let us know - how about try it again, walk us through it and don't hang up until we have implemented and tested every device and issue, so that they can verify that what they did resolved the issue rather than have us phone back over and over again, or try to dig it out of the forums, the FAQ's and so many different sources.

 

Glad you got it worked out.

 

Bruce

Re: You must update your Rogers email account settings

User14
I'm a Trusted Contributor

@SheamusPatt wrote:

A couple of questions

- When you put the application password in the Outlook dialog you've shown here, did it work? (Ie did the mail then get sent successfully)?

- Did you also check the "Save password in your password list" box? If you don't then it won't save the password, and you'll have to enter it (or another new application password) the next time. If you do check the box to save the password, though, it should save it and you won't need to enter it in future.

Hope this is helpful.


She said when she clicks ok the email gets sent.  I don't think she checked it off. 

I set it up this way though to remember the app password.  

 

Rogers Outgoing server setting.png

Re: You must update your Rogers email account settings

User14
I'm a Trusted Contributor

@ti3 wrote:

There's an article on howtogeek.com about these app-specific passwords and how they are a band-aid solution at best and the security risks they pose.  Not a great solution Rogers. 


FYI.  When I tried to add a Google gmail account to my Outlook 2016 app, I got this message:

 

Are you the one who tried signing in?
Google will continue to block sign-in attempts from the app you're using because it has known security problems or is out of date. You can continue to use this app by allowing access to less secure apps, but this may leave your account vulnerable.

 

Basically Google wanted me to use the same app password procedure as Rogers or "allow access to less secure apps", by changing my Windows 10 settings which is a strange recommendation.  Facts are difficult to find on this, especially when "howtogeek" says the app password procedure isn't such a great solution.   

Re: You must update your Rogers email account settings

BS
I'm a Senior Advisor

Yahoo mail, in their first iteration of making these changes had the same feature of providing the user the opportunity of updating to a new more secure email client, or accepting them as an unsecure app.

 

Rogers removed the ability to do this through bypassing the standard Yahoo account setup where they had the passkey mode, a 2 step activation and the accept insecure clients. Rogers prevents this by not giving you access to the broader options available to a Yahoo email account.

 

This practice of accepting insecure practices is actually more common than we think - if we use Chrome which does not permit Flash and some Java versions from running and you have to accept it on a one time only use, because producers of material refuse to drop the insecure models of Java and Flash.

 

So, yes it is a bandage and companies take different approaches to this ongoing issue of security versus old software.

 

Rogers has confused things considerable by creating their own interface for setup - rather than using the Yahoo one, which you could use their help docs and forums to guide you, but they have removed the ability to accept an insecure app as Yahoo and GMail have done.

 

All a compromise.  On current software/apps/device, it is creating a token that is baked into the security of the phone or device and cannot be found or compromised - no one ever sees the passkey.  Rogers took the middle ground of the model and prevented declaration of insecure apps, set in the passkey model, and permit in on only one device only and remembering the passkey.

 

As I mentioned, one more example of security moving faster than technology and a compromise model is created to allow less secure apps that we are happy with, and may not wish to change (we know it, it costs money to upgrade, etc).  I once had a customer who sat on Office 1997 version well past the support date because she knew it well and didn't want to change, so I created work arounds for her until we could not do it anymore - I recommended an upgrade to current software, she refused, I stopped supporting her.  She was back asking for support and a new computer and software about a year later.

 

Technology rolls forward as the people who hack it create a new way through as each new upgrade comes.

 

Bruce

Re: You must update your Rogers email account settings

RichardF
I Plan to Stick Around

The point that either Im missing or Roger is is that ...

With Outlook currently, for each account I have a different 'user password' that I have the option to require entry at each sign in (ie NOT remembered).   My practice differs between the accounts.   The point is, I have that choice.

 

Under the new protocol, I'm forced to use the remember / save password feature.   And, as the generated passwords do not fit my methodology for creating passwords for the various categories of application, I have to write it down somewhere in case it needs to be re-entered.  

 

Are the new passwords more secure than my own?  Possibly, until the password generating web site is hacked anyway.   Materially more secure?   That's an interesting question, as there would now seem to be a sort of herd immunity.   Under the new protocol hacking algorithms have to be set up for up to 16 char random keys which I think reduces the chance of cracking any old-style secure password even if only 8 chars.

Re: You must update your Rogers email account settings

BS
I'm a Senior Advisor

A couple of comments clarifications, at least based upon thread comments, and research on OAuth(2), the new authentication protocol that is now standard in the whole industry, for connecting services like email to a device or other accounts.

@RichardF wrote:

The point that either Im missing or Roger is is that ...

With Outlook currently, for each account I have a different 'user password' that I have the option to require entry at each sign in (ie NOT remembered).   My practice differs between the accounts.   The point is, I have that choice.

 

Under the new protocol, I'm forced to use the remember / save password feature.   And, as the generated passwords do not fit my methodology for creating passwords for the various categories of application, I have to write it down somewhere in case it needs to be re-entered.  

Yes, you are right in that the new model, which is industry standard now, not a Rogers thing, they had to implement the changes as put forward by Yahoo and the industry has changed things in our thinking and use of authentication, password methods.

 

Yes, you are forced to use the remember/save password feature - no choice in that one.

 

 

 

Are the new passwords more secure than my own?  Possibly, until the password generating web site is hacked anyway.   Materially more secure?   That's an interesting question, as there would now seem to be a sort of herd immunity.   Under the new protocol hacking algorithms have to be set up for up to 16 char random keys which I think reduces the chance of cracking any old-style secure password even if only 8 chars.

 

The confusion that has been created in the presentation of this new protocol, not just Rogers, but Yahoo too, is that the 16 random letters are not a password (per se).

 

It is a work around to provide a method of linking the "insecure outlook and other models" - that is the words of the industry, not mine.  

 

That passkey is one time use only in that on the server authentication side, a secure RSA token key is created to make connection to the Yahoo servers.  Some how on our device side, a key is also created, I won't try to understand that process.

 

The passkey is used once and only once and tied to the features of your device, much like the registration keys are tied to OS and device features for authentication of authentic software.

This passkey, which we put in once and save, can never be used on any other device, and you can revoke it if your device is lost stolen, or damaged.

 

So, the issue is to remember that a password and a passkey are fundamentally not the same thing at all.  It just happens that the passkey which on our new devices is encrypted and unavailable and works through one time authentication processes, in the older software it is placed into the password field and saved in order to facilitate the creation of the encrypted keys linked to your and only your device/software combination.

 

So, I can understand that people are confused, and it is contradictory to everything we have been taught, and these steps exist only due to the legacy nature of the software.  They could have taken a more extreme process - just say these software are insecure and permit no access - this is a temporary measure knowing that all new computers and software have the new model baked in.

 

Hope this helps - change is not fun, but this one, we have no choice on.

 

Bruce

 

Re: You must update your Rogers email account settings

JKnott
I'm a Reliable Contributor

I use Seamonkey and Thunderbird for email.  They have OAuth2 available for authentication.  Why is this not used.  I currently am configured for Normal Password and used that 16 character password.

 


@BS wrote:

A couple of comments clarifications, at least based upon thread comments, and research on OAuth(2), the new authentication protocol that is now standard in the whole industry, for connecting services like email to a device or other accounts.

@RichardF wrote:

The point that either Im missing or Roger is is that ...

With Outlook currently, for each account I have a different 'user password' that I have the option to require entry at each sign in (ie NOT remembered).   My practice differs between the accounts.   The point is, I have that choice.

 

Under the new protocol, I'm forced to use the remember / save password feature.   And, as the generated passwords do not fit my methodology for creating passwords for the various categories of application, I have to write it down somewhere in case it needs to be re-entered.  

Yes, you are right in that the new model, which is industry standard now, not a Rogers thing, they had to implement the changes as put forward by Yahoo and the industry has changed things in our thinking and use of authentication, password methods.

 

Yes, you are forced to use the remember/save password feature - no choice in that one.

 

 

 

Are the new passwords more secure than my own?  Possibly, until the password generating web site is hacked anyway.   Materially more secure?   That's an interesting question, as there would now seem to be a sort of herd immunity.   Under the new protocol hacking algorithms have to be set up for up to 16 char random keys which I think reduces the chance of cracking any old-style secure password even if only 8 chars.

 

The confusion that has been created in the presentation of this new protocol, not just Rogers, but Yahoo too, is that the 16 random letters are not a password (per se).

 

It is a work around to provide a method of linking the "insecure outlook and other models" - that is the words of the industry, not mine.  

 

That passkey is one time use only in that on the server authentication side, a secure RSA token key is created to make connection to the Yahoo servers.  Some how on our device side, a key is also created, I won't try to understand that process.

 

The passkey is used once and only once and tied to the features of your device, much like the registration keys are tied to OS and device features for authentication of authentic software.

This passkey, which we put in once and save, can never be used on any other device, and you can revoke it if your device is lost stolen, or damaged.

 

So, the issue is to remember that a password and a passkey are fundamentally not the same thing at all.  It just happens that the passkey which on our new devices is encrypted and unavailable and works through one time authentication processes, in the older software it is placed into the password field and saved in order to facilitate the creation of the encrypted keys linked to your and only your device/software combination.

 

So, I can understand that people are confused, and it is contradictory to everything we have been taught, and these steps exist only due to the legacy nature of the software.  They could have taken a more extreme process - just say these software are insecure and permit no access - this is a temporary measure knowing that all new computers and software have the new model baked in.

 

Hope this helps - change is not fun, but this one, we have no choice on.

 

Bruce

 

Re: You must update your Rogers email account settings

RichardF
I Plan to Stick Around

Which of course begs the question as to why such a major mail client is not "secure".  Or, rather, begs the question of whether this is the best route.  MS obviously has a different view.

It would of course be utter cynicism to suspect any one of trying to freeze out rival mail apps or anything like that?