Internet > Web Browsing & Email

Google Mail Blocking Logins

(1/3) > >>

aesmith:
Hi,

A family member has an issue with Gmail, where it keeps blocking her applications or devices from connecting to the account. She sometimes gets a message from Google saying that access has been blocked, but it seems like sometimes under her account it lists the access attempts that it's blocked, but sometimes block is just listed as "Suspicious sign-in attempt prevented" with no apparent way of permitting.   Last night her Ipad, Iphone and Thunderbird email client were all locked out as "suspicious", even though they've been in regular use even during that day.  It was quite a business getting that lot unblocked since all normal lines of communications were blocked.

It seems to be triggered by the devices losing Internet connection, for example if the router is rebooted, then when they reconnect Google finds them "suspicious".

Only her personal account is affected.  Mine isn't and neither is the Gmail account she has for an association even though that's on the exact same devices.

Any ideas as to why this keeps happening, and is there any way to tell Google to permit ANY connection that has the correct password?

Thanks, Tony S

gt94sss2:
I wonder if enabling two factor authentication would help reassure Google that the logins were legitimate.

sevenlayermuddle:
I suppose there’s no possibility that her account really has been hacked or phished?

I think for example that an email apparently from Google notifying of suspicious activity would, in itself, quite probably be a phishing scam...

I’d second the suggestion for  two factor authentication, if not already in use.

aesmith:

--- Quote from: sevenlayermuddle on April 15, 2019, 05:23:45 PM ---I suppose there’s no possibility that her account really has been hacked or phished?
--- End quote ---
The Google account log shows the blocked sign in attempts, and these correspond to her attempts to access her email.  Strangely the devices are just called "Unknown Device" when they're blocked, but then when permitted in they're identified as Iphone, Ipad etc.   IP addresses are correct, I can see she was blocked twice from our home yesterday and on the 11th, and once from another family home last week. 


--- Quote ---I think for example that an email apparently from Google notifying of suspicious activity would, in itself, quite probably be a phishing scam...
--- End quote ---
The Google emails go to the email account that she has set as a recovery option for her main Gmail, not to the account itself, so as a scam they sender would need to know the identities of those two accounts.  However it's clearly sensible not to follow the link in the email but to log into the account via a web browser instead.


--- Quote ---I’d second the suggestion for  two factor authentication, if not already in use.
--- End quote ---
How does that work with phone or Ipad, or with any email client for that matter?   I can't see it being very practical if it kicks in every time a mobile device loses then re-establishes network connectivity, or moves from one network to another.  However I've not tried to see what happens.

sevenlayermuddle:
Obviously, with 2SV you can sign in on any browser, verified by a text message.  You configure a list of different phones, including landlines if desired.   Then when trying to log in, you choose which one should receive the message.

Once you have set up 2sv, you can configure “App specific passwords”.  These are strong machine generated passwords, that provide access to restricted parts of the google account, without exchanging text messages. 

For example, I have a script that runs daily on a linux box, backing up my google mail accounts.   To make that work, and allow it to connect without receiving  a text message, I created another app specific password, solely used by the script.  It also means the linux box does not need to “know” my personal google password, so cannot leak it.

For a while I used thunderbird mail on my iMac, and that too had its own password.  If there is ever a concern that an App specific password has been compromised, for example if my linux box had been stolen by burglars, I can revoke that one password without affecting anything else.

Using the native Apple mail app in modern iOS devices you don’t even need App specific passwords.   They are able to validate that the physical device in your hands provides the second verification step, I honestly can’t remember the details.

Navigation

[0] Message Index

[#] Next page