Ai Protection Google Email

[jplw]

I just got an email from Google that they are disabling the "less secure app access" feature for sending email on May 30, 2022. Ai Protection requires that this feature be turned on for their email notifications to work, according to ASUS documentation. Does anybody know whether ASUS wil update their firmware to not require that less secure access be turned on to work?

 

[OzarkEdge]

I just got an email from Google that they are disabling the "less secure app access" feature for sending email on May 30, 2022. Ai Protection requires that this feature be turned on for their email notifications to work, according to ASUS documentation. Does anybody know whether ASUS wil update their firmware to not require that less secure access be turned on to work?

If you are using the AiProtection Alert email feature, are you using your Google account password, or are you using a Google account app password that you must create within your Google account for a specific use such as this?

I am wondering if a Google app password will work, both with the router and with Google after May 30. At this point, I suspect yes... otherwise this forthcoming Google change will break my POP email client access to gmail which uses an app password to access gmail's POP/SMTP servers.

I have not received that email from Google.

OE

 

[jplw]

If you are using the AiProtection Alert email feature, are you using your Google account password, or are you using a Google account app password that you must create within your Google account for a specific use such as this?

I am wondering if a Google app password will work, both with the router and with Google after May 30. At this point, I suspect yes... otherwise this forthcoming Google change will break my POP email client access to gmail which uses an app password to access gmail's POP/SMTP servers.

I have not received that email from Google.

OE

I had created a new gmail account specifically for this purpose. Here is what Google says:

To help keep your account secure, starting May 30, 2022, Google will no longer support the use of third-party apps or devices which ask you to sign in to your Google Account using only your username and password.

Please note this deadline does not apply to Google Workspace or Google Cloud Identity customers. The enforcement date for these customers will be announced on the Workspace blog at a later date.

For more information, please continue reading.

Special Note on Apple Device Sign-Ins. Users who have not recently signed into their Google Account using only username and password will be able to only make new sign in attempts using the Google account type starting from February 28, 2022. Existing users may continue to sign into their Google Account using their username and password until May 30, 2022.

 

[OzarkEdge]

I had created a new gmail account specifically for this purpose. Here is what Google says:

Although you didn't answer how you are using it, I suspect it will stop working.... if it ever worked.

I'm not positive an app password will continue working after May 30, but you can try it. You must enabled 2-step verification on the Google account and then create an app password for the router. More about app passwords here:

Sign in with App Passwords - Gmail Help (google.com)

I never understood why the router needs the user's email account credentials to send the user an email. I assume it's some nifty email way, but it's not safe computing, imo. I'd skip it and just login to the router when you care to know that you've been protected.

OE

 

[dave14305]

Are you confident it wasn’t a phishing email of some sort?

Clarifying link:

Less secure apps & your Google Account - Google Account Help

Starting on September 30, 2024, less secure apps, third-party apps, or devices that have you sign in with only your username and password will no longer be supported for Google Workspace accounts.

support.google.com

 

[OzarkEdge]

Are you confident it wasn’t a phishing email of some sort?

Clarifying link:

Less secure apps & your Google Account - Google Account Help

Starting on September 30, 2024, less secure apps, third-party apps, or devices that have you sign in with only your username and password will no longer be supported for Google Workspace accounts.

support.google.com

The clarification there is that Google announces the May 30 cutoff and suggests using app passwords without saying app password access will be subject to the May 30 cutoff.

So, enable 2-step verification and create/use an app password and hope for the best.

OE

 

[dave14305]

The clarification there is that Google announces the May 30 cutoff and suggests using app passwords without saying app password access will be subject to the May 30 cutoff.

So, enable 2-step verification and create/use an app password and hope for the best.

OE

Yeah, I think this is targeted toward people using their primary password. Otherwise, the internet would be melting down over the loss of App passwords, maybe.

 

[OzarkEdge]

Yeah, I think this is targeted toward people using their primary password. Otherwise, the internet would be melting down over the loss of App passwords, maybe.

Yeah, that's my take on it, too.

Anyone enabling 2-step verification should also print out some access codes and file them away in case Google refuses to dance when you try to access your account using whatever 2-step methods you setup... stuff breaks.

OE

 

[jplw]

Yeah, I think this is targeted toward people using their primary password. Otherwise, the internet would be melting down over the loss of App passwords, maybe.

I turned on 2fa, generated an app passwprd, and entered into AIProtection on the router. I then visited a malicious site which it blocked, but I got no email. I was getting emails before when less secure access was turned on.

 

[OzarkEdge]

I turned on 2fa, generated an app passwprd, and entered into AIProtection on the router. I then visited a malicious site which it blocked, but I got no email. I was getting emails before when less secure access was turned on.

It's been awhile since I setup an app password for my email client. I would login and review yours in case there is some manual confirmation required the first time around.

OE

 

[RMerlin]

AFAIK, Asuswrt uses OAUTH.

 

[jplw]

Interesting, If it uses OAUTH, it should not require less secure app access.

 

[OzarkEdge]

it should not require less secure app access.

This ASUS FAQ suggests it does. But like most of their FAQs, it leaves you wanting to know more.

[AiProtection] How to receive alert mail from AiProtection? | Official Support | ASUS Global

OE

 

[jplw]

I just created a different app password as a test to make sure I was creating it properly. I used for a different "less secure" app (running on my Pi4), and it worked fine. Google even tels you the last time it was used. My Asus 66U B1, though reporting two malicious websites (I visited to test) through its GUI, has not even tried to use the app pasword I entered. This seems to me to be an ASUS issue, not a google one.

 

[RMerlin]

Maybe this is something they never finalized then. All I know is there's a lot of code related to Google OAUTH within the firmware. I don't know however if it's used, and what uses it.

 

[OzarkEdge]

I just created a different app password as a test to make sure I was creating it properly. I used for a different "less secure" app (running on my Pi4), and it worked fine. Google even tels you the last time it was used. My Asus 66U B1, though reporting two malicious websites (I visited to test) through its GUI, has not even tried to use the app pasword I entered. This seems to me to be an ASUS issue, not a google one.

Could be a router issue. If someone has it working one way or another, they may comment here.

OE

 

[richardeid]

I turned on 2fa, generated an app passwprd, and entered into AIProtection on the router. I then visited a malicious site which it blocked, but I got no email. I was getting emails before when less secure access was turned on.

I've had this problem for a while. I initially got it set up and the emails would come in no problem. After a firmware update along the way the emails stopped. After a while longer I factory reset the router and set that back up and it worked again. Then, at some point again, it stopped. I wasn't paying attention so it may have been a firmware update again or something else. And once after a firmware update the emails started showing up again. But now the last one I got was 6/8/20 and I never messed with it again. It's still set up and ready to rock and roll if it wants to but the info was limited usually so I found little value in the feature.

 

[OzarkEdge]

Someone just suggested that if you change your Google password, you have to update your app passwords. If true, that would be another nuisance.

OE

 

[rung]

I know this is technically in the wrong section (have an RT-AX58U with stock firmware 3.0.0.4.388_22525), but I am have the exact same issue. I recently turned Ai Protection back on because I was persuaded by conversations here it had more benefit than harm (okay, it was @Tech9). I figured if it is on, I would rather know if there was a trigger as soon as possible, so I turned on email alerts. Now before Google turned off less secure apps, I had this feature working (not sure how long but I did get one email I found in my email archive).

So this time I have turned on 2FA and set an app password and put all the credentials in the GUI. After a reboot, I have tested that the email system does work because I can successfully send an email from the command line:

echo "Router email test" | email -s "Router Email 1" xxxxxx@gmail.com

Also, all the parameters from:

nvram show | grep "PM_"

look correct but I haven't tried to decode PM_SMTP_AUTH_PASS to see if it matches my app password. However /tmp/etc/email/email.conf has the correct password in it (which I didn't generate) [obviously since the email command works].

So to test, I go to this site: Testing the Web Reputation feature in Trend Micro, and enter the Dangerous web address which is wrs49(dot)winshipway(dot)com into a browser on my network. The router this intercepts this attempt and displays the Ai Protection warning page. However, no email happens.

It is not a big deal but wondering if anyone has any ideas to try besides just doing a factory reset and trying again.

Thanks!

 

[jjones7791]

I know this is technically in the wrong section (have an RT-AX58U with stock firmware 3.0.0.4.388_22525), but I am have the exact same issue. I recently turned Ai Protection back on because I was persuaded by conversations here it had more benefit than harm (okay, it was @Tech9). I figured if it is on, I would rather know if there was a trigger as soon as possible, so I turned on email alerts. Now before Google turned off less secure apps, I had this feature working (not sure how long but I did get one email I found in my email archive).

So this time I have turned on 2FA and set an app password and put all the credentials in the GUI. After a reboot, I have tested that the email system does work because I can successfully send an email from the command line:

echo "Router email test" | email -s "Router Email 1" xxxxxx@gmail.com

Also, all the parameters from:

nvram show | grep "PM_"

look correct but I haven't tried to decode PM_SMTP_AUTH_PASS to see if it matches my app password. However /tmp/etc/email/email.conf has the correct password in it (which I didn't generate) [obviously since the email command works].

So to test, I go to this site: Testing the Web Reputation feature in Trend Micro, and enter the Dangerous web address which is wrs49(dot)winshipway(dot)com into a browser on my network. The router this intercepts this attempt and displays the Ai Protection warning page. However, no email happens.

It is not a big deal but wondering if anyone has any ideas to try besides just doing a factory reset and trying again.

Thanks!

So just did a factory reset, reverted to stock fw until the new Merlin build is out of beta and this is my outcome. Using a google app password, got the initial email from the router saying it was good to go (below). Then a few days pass and Trend Micro hits on a few sites, well 22 over all, and no emails from the router indicating malicious site blocking. Looking into this more, I tried the test you did above as well, and got the router test email. So I don't get it. Seems the app password is good and everything should be working, but it's not sending the emails when it hits on something. Like you said, not a big deal, but would be nice to have this since it's there.

Dear user,

This is for your mail address confirmation and please click below link to go back firmware page for configuration.

http://router.asus.com

Thanks,
ASUSTeK Computer Inc.