Server pw reset required

12 views
Skip to first unread message

Scott Peters

unread,
Apr 28, 2020, 11:40:59 AM4/28/20
to K-9 Mail
Linked to Microsoft Outlook email. Required to change passwords every 30 days on our server. Just changed mine for the first time since using K-9 and now keep getting failure to authenticate messages. How do I change the setting to recognize the account with the new password?

Sean Greenslade

unread,
Apr 28, 2020, 12:36:38 PM4/28/20
to k-9-...@googlegroups.com, Scott Peters
Account settings -> Fetching mail -> Incoming server

Account settings -> Sending mail -> Outgoing server

And wow, forced password rotation every 30 days? That's crazy, and probably counterproductive. Current best-practice guidelines suggest only rotating passwords when there is an actual account compromise. If you can, point your IT people to the NIST guidelines, section 5.1.1.2:

https://pages.nist.gov/800-63-3/sp800-63b.html

The important quote:

> Verifiers SHOULD NOT require memorized secrets to be changed arbitrarily (e.g., periodically). However, verifiers SHALL force a change if there is evidence of compromise of the authenticator.

--Sean

Scott Peters

unread,
Apr 28, 2020, 4:58:00 PM4/28/20
to K-9 Mail
Thanks. That got it
Reply all
Reply to author
Forward
0 new messages