Why is it not possible to generate app password in Yahoo? - passwords

I am integrating Yahoo in my application to read e-mails. For authentication, I have been using app password created at Yahoo. But now there is no option to generate app password itself. Is it a temporary problem?
Used to generate App password at Yahoo in the past (until end of Jan'23), as part of validation. I am expecting that it should be possible to generate the app password today also.

Related

native login with google login in a Website

I'm working on a MERN stack web app.
i have used firebase for backend for sign up,
now i want to have native login functionality as well as log in with google,
i already have imported log in functionality for both , and they are working like hot knife on butter.
but i failed to create proper logic,
in my schema password is required.
and when user log's in with google, i will not get password,
so what should I do?
should i remove required from password? and when user triggers password event, should i just check if he/she is google id logger with help of googleID provided by google,
or encode some another thing to compensate for password, which will of course be a BAD IDEA!
tell me logical flow thay you all are working with , Please!!
Thanks
right now I'm just encoding GoogleID provided by google , encoding it for password => for temporary purpose.

Changing account security to create app password through API

I'd like to at least automate some of this process:
https://forwardemail.net/en/faq#how-to-send-mail-as-using-gmail
It asks for an app password to forward emails under a different email username. Can either the app password generation part or the email username part be automated?
No apps password must be created by the user in their google account after enabling 2fa.
Im not sure about googles TOS though using an apps password in a third party system like this. It should not be something that is shared in my opinion.

How to verify Firebase password reset code with firebase admin SDK?

I know it is possible with the client SDK but is it possible with the admin SDK? The reason I want to do this is because I want my own back-end to verify the code so that I can also send a password reset confirmation email. Is this possible?
The Admin SDK does not provide this functionality. However, you are free to implement a password reset system yourself, using the Admin SDK only to actually change the user's password by updating the user account.

Can't find password for Shopify App

I'm trying to access Shopify Admin APIs through postman.
Tutorial says that
For Username and Password provide your store private API key and password respectively.
I do have the API key, however there is no password filed on my admin page? I tried finding some solutions online, however the screenshots mentioned in those solutions did contain a password filed on the admin page. My page does not have it. I only have API key & API secret key
There are two types of App in shopify, one is embeddedSDK and second one is private App. For the embeddedSDK you can you Postman, but for the private Its will not access through postman.
Thanks
There could be one of following reasons of not having password.
- You are logged in with diff. user or Not having admin access to app.
Your Store Password & Username may work in place.
- Make sure your app is in published state.
share more details in case still hanged with these buggy things.
From Using Postman - Shopify tutorial:
Once you have a Shopify store, you can quickly generate your API credentials using a private app.
You need to create a private app from your development or managed store - not in your partner account.
Click the link at the bottom of the apps page:
Working with a developer on your shop? Manage private apps
From there you can create a new private app to get your API key and password.

Apache Tomcat - Two factor authentication

I am trying to integrate a two factor authentication solution with a mail server that is hosted on Apache Tomcat. Right now the app is using form based authentication and the user enters his user name and password and is authenticated against openLDAP as back end.
What we want is the following -
1). User enters his Un and PWD
2). The request is "intercepted" and put on "hold"
3). A one time pwd (OTP) is generated and sent as SMS to the user.
4). The user sees a new page with a box to enter that OTP.
5). The user enters his/her OTP sent as SMS
6). The OTP is verified and if true the "held" request in step "2" is forwarded for further authentication
The trouble is that I have no access to source code of the mail server app.
I can achieve something very similar in IIS(Microsoft) using an ISAPI filter, but need to know how to achieve this in Apache?
I am looking on the lines of Valve/Filter and SAML, but have no clue how and where to progress.
I contacted the logintc guys for their 2-factor credential and resolved my 2-factor using their apps. Check them out.
https://cloud.logintc.com
The LoginTC platform services are free for under 1,000 users. So that's great.
I followed the instructions from this URL: https://cloud.logintc.com/help/developers
Basically, I created an admin account for my domain in the logintc cloud control panel. Then I used the Server-Side Authentication instructions to enable my Apache website with the logintc button, and added the code snippet in my authentication page.
My users download the logintc app from Appstore, Android or Blackberry marketplaces, I issue them a Confirmation Code and they create their credential token in the app with a PIN (same as ATM cards)
The whole thing takes less than 1 hour to configure. My users get an out-of-band notification to unlock their credential with the PIN, and bingo, they achieve 2FA.
You must check them out
I would suggest using OpenAM former OpenSSO from Sun
It has a filter/agent that can be deployed on apache And it has very good support for multi-factor authentication including SMS authentication module.