Updated FAQ

2019-06-20 12:07:07 +02:00 · 2019-06-20 12:07:07 +02:00 · a70e408dee
parent f141e866a9
commit a70e408dee
1 changed files with 8 additions and 5 deletions
--- a/FAQ.md
+++ b/FAQ.md
@ -1827,15 +1827,18 @@ Alternatively, you can *Delete local messages* by long pressing the folder(s) in
 <a name="faq111"></a>
 **(111) Can you add OAuth authentication?**

-OAuth authentication requires creating an online (Google, Microsoft, etc) app,
-which would make authentication for many people dependent on one account, which is a bad idea.
+(X)OAuth authentication, formerly available as *Select account* for Google accounts, requires creating an online (Google, Microsoft, etc) app,
+which would make authentication for many people dependent on one (developer) account, which is a bad idea.

-Google requires requesting special permission for the online app every year and has appeared to be unreliable in granting this permission.
-When requested permission for FairEmail, the request was denied with the remark that send permission would be enough, right ...
+Google requires requesting special permission for the online app and has appeared to be unreliable in granting this permission.
+When requested permission for FairEmail, the request was denied with the remark that send permission would be enough, ... right.
+An appeal was completely ignored, which is unfortunately typical for Google.
+Also, Google requires a yearly security assessment which will cost between $15,000 and $75,000.
+This is how you exclude independent developers ...

 Outlook and Hotmail do not properly support OAuth for IMAP/SMTP connections.
 [MSAL](https://github.com/AzureAD/microsoft-authentication-library-for-android) is supported for business accounts only
-and OAuth requires embedding a client secret in the app.
+and requires embedding a client secret in the app, which is not a good idea for an open source app.

 <br />