@ntozier is it possible to get this thread moved to the troubleshooting and problems section of the forum? I do need some help solving this issue, or should I create a new topic?

Thanks!

I've added the troubleshooting tag for you.

a month later

Bump, is there anyone that can help with this?

SeanZF I manage a Office365 environment its crazy easy to turn off two factor auth for one account. If security is an issue why not make it like a 30 character password?...
Helpdesk mail account cant really be a security risk.

    We also use o365 and have MFA turned on. We shut it off for the tickets account(s).

    Good day.
    we just receive this announcement by Microsoft :

    Beginning October 13, 2020, we will retire Basic Authentication for EWS, EAS, IMAP, POP and RPS to access Exchange Online. Note: this change does not impact SMTP AUTH
    (....)
    Any application using OAuth 2.0 to connect to these protocols, will continue to work without change or interruption.

    Based on my understanding of the OsTicket mail fetch this mean that we will be lock out on October 13 2020 if there is no change in the way OsTicket work.

    Can you confirm if I’m right ?

    Thanks you.

    This is over a year out, but I agree it is good to plan ahead. I have made sure that the devs saw this post so that they can plan a solution. This will affect multiple things here where I work [at least: osTicket, all our scanner/copiers, and anyone using android or ios built in mail apps for mail].

      We also use office365 for our email accounts and have been polling for tickets successfully for a while now (with 2fa turned off of course) but now we just received a similar notice about our mail accounts switching over to oauth and will be looking to know if osticket will support "modern auth" or "oauth" as our IT folks referred to it.

      ntozier just to let you know we had that issue with mail for iPhone and Android when we switch on the MFA. But for the vast majority of end user that have created they account with in the last year (ish) the move was without issue, the rest had to remove and re-add the account. Still a pain but the support is there.

          ntozier So then it's relatively safe to assume that OAuth support is a planned feature?

            It is relatively safe to assume that the devs will talk about it and make their own determination as to if this should be a planned feature.

            3 months later

            Just got this email from Google. Looks like Gsuite is moving to require OAuth authentication for checking/sending email inboxes using the IMAP protocol.

            Starting February 15, 2021, G Suite accounts will only allow access to apps using OAuth. Password-based access will no longer be supported.
            Dear Administrator,

            We’re constantly working to improve the security of your organization’s Google accounts. As part of this effort, and in consideration of the current threat landscape, we’ll be turning off access to less secure apps (LSA) — non-Google apps that can access your Google account with only a username and password, without requiring any additional verification steps. Access through only a username and password makes your account more vulnerable to hijacking attempts. Moving forward, only apps that support a more modern and secure access method called OAuth will be able to access your G Suite account.

            Access to LSAs will be turned off in two stages:

            June 15, 2020 - Users who try to connect to an LSA for the first time will no longer be able to do so. This includes third-party apps that allow password-only access to Google calendars, contacts, and email via protocols such as CalDAV, CardDAV and IMAP. Users who have connected to LSAs prior to this date will be able to continue using them until usage of all LSAs is turned off.
            February 15, 2021 - Access to LSAs will be turned off for all G Suite accounts.
            What do I need to do?
            To continue using a specific app with your G Suite accounts, users in your organization must switch to a more secure type of access called OAuth. This connection method allows apps to access accounts with a digital key instead of requiring a user to reveal their username and password. We recommend that you share the user instructions (included below) with individuals in your organization to help them make the necessary changes. Alternatively, if your organization is using custom tools, you can ask the developer of the tool to update it to use OAuth.

            Came here to comment about this same email from Google. We have a little bit of time, but I want to know how to fix this down the line.

            12 days later

            FOLLOWING:

            whilst i don't need this for my personal helpdesk i do need it for a couple of NFP helpdesks i host

            would even be happy to contribute a donation to get this across the line

            h

            @zeHamish

            No need for donations as supporting OAuth is something on our list of Feature Requests and something we are looking to accomplish before the cutoff dates (as we use Gmail internally and this will affect us as well).

            Cheers.

            5 months later

            Good day, do you have any news on this ?
            I know Microsoft has push back, but it still on the horizon ;-)

            Any think we can do to help ? Provide test environnement or test a upcomming merge request maybe ?

            Thanks you again for all the work !

            Hi, As Tomlaf, I'm interested in knowing if there are any news on this.

            Best regards,
            Rosa