On 2016-04-25, David Champion <d...@bikeshed.us> wrote: > * On 25 Apr 2016, Grant Edwards wrote:
[regarding Google "app passwords"] >> Do you need different, unique passwords for mutt, imap, msmtp, >> offlineimap, and all other IMAP or SMTP clients on a particular >> machine? >> >> Are you required to use the same password for mutt on all machines? > > No. You can create as many application-specific passwords as you need > at https://security.google.com/settings/security/apppasswords. Each > can be tagged with an application name and a device name to help you > remember where you're using that password, but they're all equivalent. > Google doesn't pick up on what each one is specifically being used from, > although they may track whether passwords are being used at all. > > Choose your own granularity. Thanks. I suspected that was the case, but thought perhaps Google might be trying to fingerprint the connection attempts to actually identify the application and/or machine. The Google documentation is pretty much mute on the subject, and third party write-ups never address it either, they just provide a recipe for making it work with one app on one machine (actually in one case two apps on one machine, and it just stated: "create two passwords" with no explanation). I could have created a throw-away Gmail account and do some experiments to figure this out, but it didn't seem like something I wanted to do via trial-and-error on my "production" machines with my real accounts. I'll probaby go with a single "app password" per account per physical machine. Next I suppose I should figure out how to use gpg-agent so I don't store them in plaintext. It would be nice if I could somehow combine ssh-agent and gpg-agent so I don't have to enter a passphrase twice... -- Grant Edwards grant.b.edwards Yow! Now, let's SEND OUT at for QUICHE!! gmail.com
