You must update your Rogers email account settings

Need Help?

That's what we're here for! The goal of the Rogers Community is to help you find answers on everything Rogers. Can't find what you're looking for? Just ask!
cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
I'm a Senior Advisor
Posts: 2,091

Re: You must update your Rogers email account settings

That is what I am doing is running through a dummy account.

 

Just confirmed that 2 step authorization is not available and the web site they used to send us to, it puts us through the process, but the code never gets sent to my cell phone, and there is no way to turn it on and off if you chose too.

 

In Yahoo normal account settings, which we can't get at now as it takes us to the member page just put out by Rogers, so unlike in Yahoo's own email where you can set 2 step authorization, you can turn it on and off, and you can opt out of this new passkey model, but on our Rogers email accounts, you don't have that options, So, no you can't opt out by the looks of it.

 

Guess Rogers has decided to go a different model by restricting the full security choices and options that yahoo provides.  Guess they have decided their method is better than Yahoo provides. Smiley Very Happy

 

I am done for today, I will test the pass key stuff tomorrow.

 

Bruce

I'm a Senior Advisor
Posts: 2,091

Re: You must update your Rogers email account settings

@JKnott  Thanks for the clarification.  I know that POP and IMAP have nothing to do with security and the functional differences between the two.

 

Where that issue comes into play is that over the last year, their security certificate for POP access failed, and they announced and Rogers announced that they were dropping POP and maintaining only IMAP.

 

This is all I was pointing out is the amount of inconsistent communication that was coming out on the topic of security and all these changes.

 

It is also a persistent pieve for me and many others just how often Rogers communicates significant changes in an inconsistent and confusing manner.

 

That is all.  It was merely a rant, but now I am sticking to understanding just how does this thing work, although we may not fully understand until they fully implement it.  

 

For example, people have asked about 2 step authorization, which I am sure some have been using - there is no way to access the settings anymore, and the old help site that sent us to a Rogers page to set it up runs you through the steps, but doesn't send out a code to the cell phone, so I have asked for clarification on this from Rogers.  If I here anything different, I will post it, but for now, 2 step authorization doesn't seem to be able to be set up anymore.  Don't know if people currently using it can still use it or not.  I leave that to others to report.

 

Thanks again for the clarification.

 

Bruce

I'm a Senior Advisor
Posts: 2,091

Re: You must update your Rogers email account settings

2 step authorization, the one way from an post last year - provided this link

 

https://edit.yahoo.com/commchannel/sec_chal_manage?.scrumb=EEWWqyk1TBA&.scrumb2=Vt4IwHGWDsM&.done=&p...

 

Will not send the two step verification code, so guess that is now no longer in place.

 

Please could a Rogers Mod confirm if this is true.

 

Bruce

I'm a Senior Advisor
Posts: 2,091

Re: You must update your Rogers email account settings

@JKnott

 

I just tested on the most current Thunderbird client.

 

You are right, there is no OAuth2 in the pop settings.

 

It doesn't appear that you use the OAuth2 as the setting, you currently leave it as Normal.

 

I have got thunderbird to work on a dummy account with either the passkey, or the regular password - may change in future.

 

Interesting one though - I set one up on a real old client (Pegasus), and use the same key as I did for thunderbird.

 

It connected fine.

 

So either OAuth2 (the way it is supposed to work - with a token assigned to each device or application) is not functioning or not turned on, or this is not really OAuth2, just a randomized password generation.

 

Guess we will see over time.  I think I will pack in this playing - it was fun, but I think I know all I need to know for now.

 

For now:

 

either the passkey, or your regular password will work in thunderbird or pegasus

 

Both POP and IMAP protocols worked find for me with either passkey or regular password In spite of this yahoo help page https://help.yahoo.com/kb/SLN28161.html where they said POP was not functional after March 31st, 2017.

 

It doesn't seem that the authentication method has to be set to OAuth2 on thunderbird, but left as normal.

It didn't speak to this in the instructions, nor did it talk about secure authorization on Outlook 2013 and 2016.

 

And at the moment, you can use the same passkey on the two apps I mentioned, so I guess we won't fully know what the implications are until it gets fully turned on.

 

What a mess!!  Between Yahoo, and Rogers, there are two different messages when it comes to authentication using passkeys, or 2 stage authentication, and although Yahoo says you can turn it off in account settings,

Rogers does not permit us to get into those settings anymore, keeping us to the limitations on the member centre page for email accounts.

 

So maybe Rogers has decided to place their own restricted model of security layered on top of the Yahoo security models.  I don't know, that is just a guess.

 

I have done testing with a brand new yahoo account by the way, and everything that Yahoo says in terms of setting up security works just fine on old mail clients or on my phone devices.  go figure!!

 

Bruce

 

For now, I guess just follow the instructions on older clients and devices, and create a different one for each application or device since that is what they have instructed us to do and once it turns on, I hope it works properly.

 

Bruce

 

 

I Plan to Stick Around
Posts: 156

Re: You must update your Rogers email account settings

Can anyone comment on how secure OAuth is?   Wiki is not encouraging. 

Of course if Rogers isn't actually using it, its moot haha. 

I've Been Here Awhile
Posts: 3

Re: You must update your Rogers email account settings

Called Rogers again today, tech support has no idea what to do if one email program has more than one email account on it.

 

Joy.

I Plan to Stick Around
Posts: 261

Re: You must update your Rogers email account settings


BS wrote:

@JKnott  Thanks for the clarification.  I know that POP and IMAP have nothing to do with security and the functional differences between the two.

 

Where that issue comes into play is that over the last year, their security certificate for POP access failed, and they announced and Rogers announced that they were dropping POP and maintaining only IMAP.



I wasn't aware of that.

 

Rogers Employee borford
Rogers Employee
Posts: 145

Re: You must update your Rogers email account settings

First of all, it is recommended that each device you use has a separate code so that if a device is stolen or lost, you can trash that code to prevent access to your email on that device. So ideally if you were using one email address with say "bri" in the address you could name the codes "brimac", "briIphone", "briTablet" etc..

Secondly, as it currently stands (hopefully will change), you have to log into member centre with each email address you use, to generate you passwords for that email. Hopefully it will evolve that you can manage all sub accounts from the master email in member centre. Hopefully that clarifies things a little. Also these passwords are not sent to your devices, they have to be manually entered on each device/app. Member center just keeps a list of the nicknames for each password so that they can be trashed if required

 

Brian

I Plan to Stick Around
Posts: 156

Re: You must update your Rogers email account settings

And this has to be done each time you change your passwords...

I Plan to Stick Around
Posts: 156

Re: You must update your Rogers email account settings

I'm also not clear why traditional username / password is good enough for internet banking but not for email.