You must update your Rogers email account settings

Need Help?

That's what we're here for! The goal of the Rogers Community is to help you find answers on everything Rogers. Can't find what you're looking for? Just ask!
cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Highlighted
I'm a Trusted Contributor
Posts: 521

Re: You must update your Rogers email account settings

 


@leephillips wrote:

how do I update my email account?


@leephillips

 

Note that No changes are required if you only check your email using Rogers Yahoo! Webmail

ie. If you are logging into Rogers email through Yahoo or another browser, just use your old password.

 

Assuming you are using an app like Outlook to get all your various emails, try this site for instructions:

 How-To-Updating-your-Rogers-Yahoo-Email-Settings

Remember it is really two Steps

1. using the Rogersmembercentre to get your 16 character password for each email, then

2. using the setup instructions for whatever email you are using with the generated password. 

 

This isn't the best approach as others have said on this thread, but what can you do. It's Rogers!

Good luck. 

 

 

 

Highlighted
I'm a Trusted Contributor
Posts: 521

Re: You must update your Rogers email account settings

@RogersRoland

 

I have followed the instruction you posted for MS Outlook, but my wife now gets this pop-up when she sends a message.  Before I contact anyone else, can you answer a few questions:  

 

Rogers Sent Server.png

 

You indicate in the instructions below that you can put the app password in the Outgoing server settings and I tried that but she still gets the pop-up. In the instruction below, you also say  enter it in your Outbound Email Server settings only.

 

1. Does that mean you DO NOT put the App pwd in the logon information setting section for Outlook?

2. Also is smtp.broadband.rogers.com  still the right server name to use?

3. I assume the Outgoing Server port number is still 465. Is it?

 

Thanks

 

How do I update my settings to use the App Password?

The instructions below will help you update your password with the App Password for the most common email clients. If you need help with a client that’s not in the list, the software manufacturer will best be able to assist you with this.

Note: These instructions are intended for Rogers Yahoo! email users only. If you use a Rogers Yahoo! account to send email from a non-Rogers Yahoo! address, we recommend that you reach out to your other provider. Most have now updated their servers so that this is no longer necessary. If they are unable to help, you can still create an App Password, however enter it in your Outbound Email Server settings only.


Outlook 2010/2013/2016

  1. Click File.
  2. Click Account Settings twice.
  3. Select your Rogers email account and then click Change.
  4. In the Logon Information section:
    • User Name should be your full @rogers.com email address.
    • Password - enter or copy/paste the App Password you generated above for Outlook. Ensure the Remember Password option is checked.
  5. Click Next.
  6. Click Finish.
  7. Click Close.
Highlighted
I Plan to Stick Around
Posts: 16

Re: You must update your Rogers email account settings

A couple of questions

- When you put the application password in the Outlook dialog you've shown here, did it work? (Ie did the mail then get sent successfully)?

- Did you also check the "Save password in your password list" box? If you don't then it won't save the password, and you'll have to enter it (or another new application password) the next time. If you do check the box to save the password, though, it should save it and you won't need to enter it in future.

Hope this is helpful.

Highlighted
I'm a Senior Advisor
Posts: 2,154

Re: You must update your Rogers email account settings

@jbraver  The last thing I ever expect from Rogers anymore is an acknowledgement of how poorly they may have implemented an change but at least you did finally get a responsible tech who would spend the time to work you through it.  My brother in law spent 5 days working with tech support before they finally got everything resolved.

 

Keep in mind that their family has many people who can guide them like myself, and their son who supports email systems for small business, doctor's and dentist offices, as well as business equipment and so forth.  He absolutely will not put any of his customers on Yahoo, period.

 

And I refused to help because number one, each person's issue is somewhat unique, and I am doing being a fill in for Rogers - I do it on the forum, but not for friends and family, and I provide it for the forum by making tech support me until I understand it enough and have tested at length to get it right and then try to communicate it, which I must say has not been the easiest thing to do with all the distracting communication about new protocols, and other things that raise questions, and just interfere with dealing with the steps provided.

 

I am glad they compensated you for your time and that you used the escalation process - escalation in my mind is also for "waste" of our time due to poor support - it is all part of customer service quality.  In away, that is an unspoken message that they were wrong and accept responsibility, but I wouldn't go looking for them to admit they did it poorly.

 

As for the issue of feeling like it is dumped on us as customers and it is our problem - I feel that comes from the responses to us - "did you follow the instructions?", try it again and let us know - how about try it again, walk us through it and don't hang up until we have implemented and tested every device and issue, so that they can verify that what they did resolved the issue rather than have us phone back over and over again, or try to dig it out of the forums, the FAQ's and so many different sources.

 

Glad you got it worked out.

 

Bruce

Highlighted
I'm a Trusted Contributor
Posts: 521

Re: You must update your Rogers email account settings


@SheamusPatt wrote:

A couple of questions

- When you put the application password in the Outlook dialog you've shown here, did it work? (Ie did the mail then get sent successfully)?

- Did you also check the "Save password in your password list" box? If you don't then it won't save the password, and you'll have to enter it (or another new application password) the next time. If you do check the box to save the password, though, it should save it and you won't need to enter it in future.

Hope this is helpful.


She said when she clicks ok the email gets sent.  I don't think she checked it off. 

I set it up this way though to remember the app password.  

 

Rogers Outgoing server setting.png

Highlighted
I'm a Trusted Contributor
Posts: 521

Re: You must update your Rogers email account settings


@ti3 wrote:

There's an article on howtogeek.com about these app-specific passwords and how they are a band-aid solution at best and the security risks they pose.  Not a great solution Rogers. 


FYI.  When I tried to add a Google gmail account to my Outlook 2016 app, I got this message:

 

Are you the one who tried signing in?
Google will continue to block sign-in attempts from the app you're using because it has known security problems or is out of date. You can continue to use this app by allowing access to less secure apps, but this may leave your account vulnerable.

 

Basically Google wanted me to use the same app password procedure as Rogers or "allow access to less secure apps", by changing my Windows 10 settings which is a strange recommendation.  Facts are difficult to find on this, especially when "howtogeek" says the app password procedure isn't such a great solution.   

Highlighted
I'm a Senior Advisor
Posts: 2,154

Re: You must update your Rogers email account settings

Yahoo mail, in their first iteration of making these changes had the same feature of providing the user the opportunity of updating to a new more secure email client, or accepting them as an unsecure app.

 

Rogers removed the ability to do this through bypassing the standard Yahoo account setup where they had the passkey mode, a 2 step activation and the accept insecure clients. Rogers prevents this by not giving you access to the broader options available to a Yahoo email account.

 

This practice of accepting insecure practices is actually more common than we think - if we use Chrome which does not permit Flash and some Java versions from running and you have to accept it on a one time only use, because producers of material refuse to drop the insecure models of Java and Flash.

 

So, yes it is a bandage and companies take different approaches to this ongoing issue of security versus old software.

 

Rogers has confused things considerable by creating their own interface for setup - rather than using the Yahoo one, which you could use their help docs and forums to guide you, but they have removed the ability to accept an insecure app as Yahoo and GMail have done.

 

All a compromise.  On current software/apps/device, it is creating a token that is baked into the security of the phone or device and cannot be found or compromised - no one ever sees the passkey.  Rogers took the middle ground of the model and prevented declaration of insecure apps, set in the passkey model, and permit in on only one device only and remembering the passkey.

 

As I mentioned, one more example of security moving faster than technology and a compromise model is created to allow less secure apps that we are happy with, and may not wish to change (we know it, it costs money to upgrade, etc).  I once had a customer who sat on Office 1997 version well past the support date because she knew it well and didn't want to change, so I created work arounds for her until we could not do it anymore - I recommended an upgrade to current software, she refused, I stopped supporting her.  She was back asking for support and a new computer and software about a year later.

 

Technology rolls forward as the people who hack it create a new way through as each new upgrade comes.

 

Bruce

Highlighted
I Plan to Stick Around
Posts: 156

Re: You must update your Rogers email account settings

The point that either Im missing or Roger is is that ...

With Outlook currently, for each account I have a different 'user password' that I have the option to require entry at each sign in (ie NOT remembered).   My practice differs between the accounts.   The point is, I have that choice.

 

Under the new protocol, I'm forced to use the remember / save password feature.   And, as the generated passwords do not fit my methodology for creating passwords for the various categories of application, I have to write it down somewhere in case it needs to be re-entered.  

 

Are the new passwords more secure than my own?  Possibly, until the password generating web site is hacked anyway.   Materially more secure?   That's an interesting question, as there would now seem to be a sort of herd immunity.   Under the new protocol hacking algorithms have to be set up for up to 16 char random keys which I think reduces the chance of cracking any old-style secure password even if only 8 chars.

Highlighted
I'm a Senior Advisor
Posts: 2,154

Re: You must update your Rogers email account settings


A couple of comments clarifications, at least based upon thread comments, and research on OAuth(2), the new authentication protocol that is now standard in the whole industry, for connecting services like email to a device or other accounts.

@RichardF wrote:

The point that either Im missing or Roger is is that ...

With Outlook currently, for each account I have a different 'user password' that I have the option to require entry at each sign in (ie NOT remembered).   My practice differs between the accounts.   The point is, I have that choice.

 

Under the new protocol, I'm forced to use the remember / save password feature.   And, as the generated passwords do not fit my methodology for creating passwords for the various categories of application, I have to write it down somewhere in case it needs to be re-entered.  

Yes, you are right in that the new model, which is industry standard now, not a Rogers thing, they had to implement the changes as put forward by Yahoo and the industry has changed things in our thinking and use of authentication, password methods.

 

Yes, you are forced to use the remember/save password feature - no choice in that one.

 

 

 

Are the new passwords more secure than my own?  Possibly, until the password generating web site is hacked anyway.   Materially more secure?   That's an interesting question, as there would now seem to be a sort of herd immunity.   Under the new protocol hacking algorithms have to be set up for up to 16 char random keys which I think reduces the chance of cracking any old-style secure password even if only 8 chars.

 

The confusion that has been created in the presentation of this new protocol, not just Rogers, but Yahoo too, is that the 16 random letters are not a password (per se).

 

It is a work around to provide a method of linking the "insecure outlook and other models" - that is the words of the industry, not mine.  

 

That passkey is one time use only in that on the server authentication side, a secure RSA token key is created to make connection to the Yahoo servers.  Some how on our device side, a key is also created, I won't try to understand that process.

 

The passkey is used once and only once and tied to the features of your device, much like the registration keys are tied to OS and device features for authentication of authentic software.

This passkey, which we put in once and save, can never be used on any other device, and you can revoke it if your device is lost stolen, or damaged.

 

So, the issue is to remember that a password and a passkey are fundamentally not the same thing at all.  It just happens that the passkey which on our new devices is encrypted and unavailable and works through one time authentication processes, in the older software it is placed into the password field and saved in order to facilitate the creation of the encrypted keys linked to your and only your device/software combination.

 

So, I can understand that people are confused, and it is contradictory to everything we have been taught, and these steps exist only due to the legacy nature of the software.  They could have taken a more extreme process - just say these software are insecure and permit no access - this is a temporary measure knowing that all new computers and software have the new model baked in.

 

Hope this helps - change is not fun, but this one, we have no choice on.

 

Bruce

 

Highlighted
I Plan to Stick Around
Posts: 287

Re: You must update your Rogers email account settings

I use Seamonkey and Thunderbird for email.  They have OAuth2 available for authentication.  Why is this not used.  I currently am configured for Normal Password and used that 16 character password.

 


@BS wrote:

A couple of comments clarifications, at least based upon thread comments, and research on OAuth(2), the new authentication protocol that is now standard in the whole industry, for connecting services like email to a device or other accounts.

@RichardF wrote:

The point that either Im missing or Roger is is that ...

With Outlook currently, for each account I have a different 'user password' that I have the option to require entry at each sign in (ie NOT remembered).   My practice differs between the accounts.   The point is, I have that choice.

 

Under the new protocol, I'm forced to use the remember / save password feature.   And, as the generated passwords do not fit my methodology for creating passwords for the various categories of application, I have to write it down somewhere in case it needs to be re-entered.  

Yes, you are right in that the new model, which is industry standard now, not a Rogers thing, they had to implement the changes as put forward by Yahoo and the industry has changed things in our thinking and use of authentication, password methods.

 

Yes, you are forced to use the remember/save password feature - no choice in that one.

 

 

 

Are the new passwords more secure than my own?  Possibly, until the password generating web site is hacked anyway.   Materially more secure?   That's an interesting question, as there would now seem to be a sort of herd immunity.   Under the new protocol hacking algorithms have to be set up for up to 16 char random keys which I think reduces the chance of cracking any old-style secure password even if only 8 chars.

 

The confusion that has been created in the presentation of this new protocol, not just Rogers, but Yahoo too, is that the 16 random letters are not a password (per se).

 

It is a work around to provide a method of linking the "insecure outlook and other models" - that is the words of the industry, not mine.  

 

That passkey is one time use only in that on the server authentication side, a secure RSA token key is created to make connection to the Yahoo servers.  Some how on our device side, a key is also created, I won't try to understand that process.

 

The passkey is used once and only once and tied to the features of your device, much like the registration keys are tied to OS and device features for authentication of authentic software.

This passkey, which we put in once and save, can never be used on any other device, and you can revoke it if your device is lost stolen, or damaged.

 

So, the issue is to remember that a password and a passkey are fundamentally not the same thing at all.  It just happens that the passkey which on our new devices is encrypted and unavailable and works through one time authentication processes, in the older software it is placed into the password field and saved in order to facilitate the creation of the encrypted keys linked to your and only your device/software combination.

 

So, I can understand that people are confused, and it is contradictory to everything we have been taught, and these steps exist only due to the legacy nature of the software.  They could have taken a more extreme process - just say these software are insecure and permit no access - this is a temporary measure knowing that all new computers and software have the new model baked in.

 

Hope this helps - change is not fun, but this one, we have no choice on.

 

Bruce