Advertisements

Posts Tagged IMAP

Switching from ActiveSync (Microsoft Exchange) to IMAP and CardDAV for Google Gmail on iPhone

Since Google is discontinuing it’s ActiveSync services, which allowed iPhone (and other handhelds) to sync account data using ActiveSync, you may want to reconfigure your devices now, or simply remember how to do this for the future. Note these steps are iPhone-specific, but can be easily adapted for other phones.

I’ll explain how to delete the ActiveSync setup, then how to add an IMAP account configuration for mail and calendars, and a CardDAV setup for contacts. If you only want to add a new setup, simply skip the first section here.

Deleting the existing ActiveSync setup

You can delete the existing ActiveSync setup by going to Settings > Mail, Contacts, Calendars and locating the account under Accounts. Touch the account name, then scroll to the bottom and click Delete Account. This will remove the data associated with the sync from your phone.

Creating the sync accounts

You’ll want to create both a Gmail IMAP account (for mail, calendars, and notes) and a CardDAV setup (for contacts). If you want reminders as well, you’ll have to create a CalDAV setup.

Creating the Gmail IMAP setup

Creating this sync account is very easy on the iPhone. First, in Settings > Mail, Contacts, Calendars, touch Add Account….  Next, touch Gmail, and enter your account information.

Creating the CardDAV setup

Similiar to the above. Go to Settings > Mail, Contacts, Calendars, touch Add Account…, then scroll down and touch Other. Touch Add CardDAV Account. For Server, enter google.com, and continue with the rest of your account information.

For CalDAV, choose Add CalDAV Account instead of CardDAV, and follow the same account information.

If you use two-factor authentication for your Google account, be sure to use your application-specific password instead of your account password.

Google Apps setup is exactly the same as a standard Google account, just substitute your full email address for the username.

Advertisements

, , , , , , ,

Leave a comment

Google adds two-factor (2-factor) authentication for Gmail and Google Apps

Two-factor authentication finally comes for Google accounts, including Google Apps.

From Google:

Using 2-step verification will help prevent strangers from accessing your account with just a stolen password. When you sign in with 2-step verification, you’ll verify your identity using both a password and a code that you receive on your phone. Learn more

The one-time-password (OTP) that you receive on your phone can come from one of two different methods: Either a time-based password using the Google Authenticator app for your smartphone (BlackBerry, iPhone, Android), or as a text message. Google also provides you a set of codes that you can print out, in case you don’t get your code or your phone is lost. Keep them in a safe place, because if you lose your phone and your codes, getting access to your account is a royal pain — but that’s the way it’s supposed to be:

You’ll need to fill out an account recovery form to verify ownership of the account. Take time to answer each question to the best of your ability. The form was designed to ensure that no one can gain access to your account except you. Since Google doesn’t collect a lot of information about you when you sign up for an account, we will ask you questions like when you created your account, what Google services you use, and who you email frequently (if you use Gmail) to make certain you are authorized to access your account.

Two-factor needs to be turned on in your Google Account settings, and Google has an excellent walk-though on how to activate and test two-factor during the setup. Google calls their two-factor authentication simply “2-step verification.”

To access your account settings from your Gmail or Google Apps mail screen, click Settings in the top right, then click the Accounts tab, then Google Account Settings. then click the “2-step verification” link.

Google says that setting up their 2-step verification takes about 15 minutes, and it’s a good estimate. Budget longer if you’re less savvy or want to be more careful. There’s a testing step involved, so there’s little risk of locking yourself out of your account.

There are major security advantages to using two-factor authentication. One of the biggest simply being that if your password is compromised, there’s still a barrier preventing someone from logging in and having their way with your account.

Along with this, Google introduces what they call “Application specific passwords.” These are workaround passwords for applications (IMAP/POP/SMTP clients, Google Talk, etc) that can’t present the OTP passwords required for two-factor authentication. Instead, you generate a different password — one for each resource if you like — and enter that in your application instead of your normal password. Sound confusing? It’s not, really. This has the added advantage that if someone gains access to your applications configuration files (e.g. Outlook) and pulls your password out, they can’t use it to log directly into your Google account. You can also go into your Google account and revoke these generated passwords at a later date if a resource does become compromised.

After enabling 2-step authentication, you’ll receive an email with information which includes information about application specific passwords:

IMPORTANT: What to Do If Some Applications Stop Working

Some applications that access Google data do not accept verification codes. They
only accept usernames and passwords. Examples include:

-Smartphones (e.g., Android, iPhone)
-Mail clients that use IMAP/POP (e.g., Outlook Express or Thunderbird)
-Chat clients (e.g., Google Talk)
-Picasa desktop application

Now that you have signed up for 2-step verification, these applications will
temporarily stop working. You can get them working again by entering an
application-specific password into the password box, instead of your regular
password or your verification code.

That email will contain a link to generate those application-specific passwords.

Security-minded individuals will no doubt embrace these changes to Google. I for one appreciate that Google is going to such great lengths to provide easy-to-implement security tools that benefit the consumer. I believe that Google may have done something really great here — users who are really concerned about security in Internet resources may now seriously consider creating Google account. Less technical consumers may still use Google using conventional username/password combinations if they so desire.

What do you think of Google decision to add two-factor authentication to accounts? Are you, or will you be, taking advantage of it?

, , , , ,

Leave a comment

My rant on Blackberry

So there’s a lot of things the Blackberry does RIGHT:

  • Good-sized full-QWERTY keyboard, without having to slide/rotate the phone.
  • Easy navigation via the trackball/trackpad (depending on model)
  • Fully multitasking OS
  • Quality speakerphone / microphone without echo
  • Durable hardware and great battery life

Now here’s where my rant begins:

For one, the Blackberry has a distinctive LACK of available “fun” software. There are a fair amount of games, but not nearly the selection of other mobiles. WinMo, Palm, and the iPhone especially have a wider variety of games, and other “fun” software.

For two, the Blackberry apps are quite a bit more expensive. From $2.99 per app on the cheap side all the way up to $50 for the priciest apps.

And for my biggest gripe, the distinct LACK of good IMAP support for BIS users. While the “push” email is great and all (email delivered to the phone when it’s delivered to the mailbox; no having to “poll” the mailbox), the inablility to use IMAP folders other than Inbox is a serious setback. More so, you’re only able to get new messages on the device, rather than being able to download mail that’s already in your box.

The IMAP issue is something that WinMo, Palm, and iPhone and some other phones already do quite nicely. this puts the Blackberry at a distinct disadvantage compared to other devices.

While this issue seems generally solved for Gmail users (through the “Enhanced Gmail plugin for Blackberry”), this is only for the single provider.

In my opinion this is something that RIM needs to get on with a quickness. This lack of proper IMAP support has me looking at other phones for the future.

If I could find a phone with a good QWERTY keypad with features like the Blackberry (along with proper IMAP) I’d definately consider switching when my times comes due.

Of course, if they enabled proper IMAP support in BIS, I think I’d be pretty happy indeed.

Time will tell. Maybe I’ll just learn to live with it.

, , ,

Leave a comment