Correct credentials needed - how to solve
Why does Gmail keep asking for credentials?
This can happen for any of the following reasons: your password has been entered incorrectly multiple times. your mail client is configured to check for emails too often (Google recommends only once every 10 minutes) your password isn't strong enough.
Save this password in your password list, it will keep showing up and after a while the following error will appear. This problem occurs when Basic authentication has not been enabled for your Gmail accounts. Today we are going to see how to get rid of this situation so that we can go through it step by step and see how to configure Outlook first and then see how to fix the error we saw before.
The first thing we need to do is activate PopIMAP. So log into your Gmail account like you did before and click on this gear icon right corner at the top click on Settings go to this option Forwarding and Pop / Imap Here you can see the status for Pop is disabled and status for IMAP is disabled You can choose either one.You can choose either Pop or IMAP.I will choose IMAP once you select Enable IMAP and then click SaveChanges.
The reason for choosing IMAP is that IMAP is a two-way communication between your webmail and Email client is the isOutlook email client we use, meaning that if you open your email in the web browser and then do some actions in Outlook, you can see the changes appear immediately in Outlook Mel this is not the case with Bob on multiple media and devices ok so go to the start menu and open the email client, the Outlook now in the top left corner is click on file and click on add account from, here select manual setup or additional server types click next 'select popor IMAP we have enabled the IMAP setting for mygmail account and I have already explained the reason for this . On your behalf, type the e-mail address of mthe drop-down list for the account type select IMAP the incoming mail server you should try imap.gmail.com the outgoing mail server will be smtp.gmail.com.
The username should be the same as the unit. Enter your password here and make sure that the option Save password is selected Additional settings under the General tab, your e-mail ID will be displayed on the outgoing mail server Activate this check box myoutgoing server smtp requiredauthentication under the Advanced tab for incoming server I map select SSLfrom the drop down list and the port number should be 993 for the outgoing server drop down and the third number should be 4 6 5 click OK click Next You will see this popup and it will say that your credentials are not accepted even if I check this box. Save this password in your password list and hit ok again and again I will see this and if we cancel we will keep seeing this pop up and eventually we will see this error but at the moment it is not showing the error message that we saw at the beginning of this article, but at some point you will get this error message anytime.
As explained at the beginning, this issue occurs because you didn't enable basic authentication for your Gmail account - the feature known as Allow less secure apps to enable this feature from your Gmail account to use Basic authentication to activate now I just go to my Gmail account and click on your profile picture in the top right corner and click on my account from here scroll down and click on Sign in and Security on the left menu bar select connected apps and sites, scroll down a little bit and you will see the Allow less secure apps option so we need to check this option to enable it by simply scrolling this button once we check that option and go to Outlook again and just click Next and let's see if it throws me the same pop-up again you see the process completed successfully. Just close it and hit next and your Outlook account for Gmail has now been configured and it will download all of my emails one by one from the web server to my local system. Hope you actually enjoyed the article, keep sharing and subscribing to the channel for the future updates, thank you
How do I fix correct credentials in Gmail?
- Step 1: Update your Gmail app. To get the latest fixes on problems with sending or receiving email, update your Gmail app.
- Step 2: Restart your device.
- Step 3: Check your settings.
- Step 4: Clear your storage.
- Step 5: Check your password.
- Step 6: Clear your Gmail information.
Why is my email asking for my credentials?
In the email program's configuration, you could have provided the wrong user ID, or mistyped it. Your internet connection could be down or having problems. A firewall could be blocking your attempts to connect to your mail server. This is also common if you specify an incorrect password too many times.
What does credentials mean for email?
1. details of an email account such as a login and a password.6 mei 2017
What is going on in this article, I want to talk about an attack called credential stuffing and how we can use that as ethical hackers.
So if you don't know what credentials stuffing is, it is essentially an attack in which you would go to the internet to download a publicly accessible list that contains a valid username and passwords for that violation and use that list on other websites or on it could be ssh or wherever you can log in to see if that account is valid in other places, users will usually use the same email address everywhere, sometimes their password changes but you know the security mind at most people not that good is good Usually you will find that their password works in different places. As an ethical hacker, we can use this to dig a bit more into the violations so that you understand when you go to haveidempon.com.
This is a Bytroy hunt, if you scroll down you will see all of the biggest violations and recently added violations, so essentially what are violations, what are violations is an attacker or a hacker, the Inzynga or Myspace or Adobe or some bigentity or any entity hacks, takes their password and username list or database and publishes them publicly on the internet so that we as ethical hackers can download these lists and use them for our own benefit, so I'm just going to show you have a bit of it now, so In October 2013, hackers stole 153 million Adobe accounts and then released them publicly, so I did a bit of searching and in 2020 you can still find this information. I'm only going to show you the first 10 lines because seeing millions of lines will likely crash my computer is blurry because I'm not telling you to find this information if you won't be using it forever, but here are the email addresses and here are the passwords you can use for credential stuffing attacks highlight atool called Potatothis was told to me on twitter byrainsec underscoreit is a really good tool for bruteforcing using credential stuffing a tacks sothis it will Allowing you to use brutal forceftp ssh telnet and literally so many different services it's such a great tool that I'm going to show you http now so say you are engaged to the clients. We're going to pretend this is Microsoft.
They downloaded and compiled a ton of security breach lists. You may then want to search your vulnerabilities for email addresses that are microsoft.com or similar.
Once you've compiled this list, you can then go to their website and try to log in, what username and password combinations are in this list and try logging into their Active Directory, their Sharepoint, and log into their email to do so You know the list is endless, it really depends on what this client is using, but you can use this information to try to log into these entities and it can work because like I said security awareness isn't ? strong for a lot of people so culprit what you have to do, to do the first one, obviously clone it, take this link and paste it in your file li linux or whatever you use with git clone and then the url, then the folder structure will look similar to this one The only thing I did additionally here is made a combo hatch directory file, but we come back to the fact that we now want to do a pip3install minus our flag and requirements and what this will do is to install all the requirements for potato from this Requirements.txt I have already done this so everything will be met but for you it may take a little longer so I will delete the clear off now thatnano loop files sorry the combo loop file, So let's just go into the list of Microsoft email addresses I've talked about, or in your case who your customer is, so obviously i don't want to do this with real information so i just entered these test usernames and passwords to be used with this tool and i will be using this on a pretendmicrosoft endpoint so here i have the only legal way to do this to do This is my own WordPress website. Let's imagine this is the Microsoft Sharepoint they are using internally and we want to try to log in as these different users.
To do this you can get the url in a browser you want to use, a proxy i use burp suite just go ahead and intercept this traffic so maybe you know how to do it, if not, you can watch other articles i have on proxy and traffic but once you use the traffic as a proxy you can see the calls on the site the way we want to find the body info here just type it all in what you want and log in and here you will find this body information that will be sent. So the password is pwd uh, the Logis login and that's it, and you want to record this information in a minute. Let's just go back to Potato and we want to do this so that you want to run python3 Potato.pi, when you do that it will show you all the modules that you can use, this is what we are interested in this http fuzz module, so just copy it over and we'll go to gopython3 Potato.pihttp files and that will give you some more parameters to use with the httpfuzz methods.
I think the easiest way I want to show you is if I just copy and paste the command and do it line by line way to use this with WordPress so you can use Potato.pi http fuzzlike gopython that I gave you before and then we are going to use this url parameter and we included the url of mrtervy.com uk because in this intercept you can see that we just did we have mr.uk and it is posting on theurl what is wordpress admin admin ajax php and that is why we have wordpress admin admin ajax php bodyequals and open the quotation mark and then as I mentioned earlier we need to copy this body information into the quotation marks here below.
This is that part. The only difference between the bodies is that in the log we have to put the username we need ut combo zero zero and that refers to this later part which here is combo hatch, but we get to that and then into the password part pwd if you want to put combo01 because that refers to the username and password that potato is going to try you have to take care of that part then you want to go zero and equal to combo hatch, so this is the credential stuffing file that i was just talking and then you want to run the x flag mitignoref grep and error so here if i just go ahead and repeat this i'll show you what i mean when i send this is of course not a proper login so will sent us an error. If that was a real login, you wouldn't get this error in the response.
If you have f greperror, it means it is not a legitimate login delt. So when it goes through the different credentials when it sees the error, it knows that it is not a legitimate login, it doesn't work, but if it doesn't see the error it knows that the login is legitimate, so leave just return to this combo list. One of them is a correct username and password combination.
We will see that one of these functions works. The rest don't work and don't show up because they make mistakes because they aren't a real login credentials so I'll just fire that up for now let me just copy and paste that again and what this will do is that username password -Trying combinations on my WordPress website so that it goes through these username and password combinations and as you can see here luke andtestpassword123, of which I believe five password and username combinations worked so that we can take that password and we know That the username Luke is on one in an organization I'm still proxy just leave me on proxy You will see that we log in with these credentials in a minute, so we are now logged into my WordPress website from which we pretend To be Sharepoint in an Organization You can search for e-mail addresses in organizations find that you repeating pen tests might work for so that's a plethora of credentials thanks for watching guys like us and subscribe
Why do I keep getting credentials needed message?
If you have this message probably you have some app where you use Microsoft account. For this you should check what do you have and remove the account from the app or update the data. Other scenario you can find here: https://productforums.google.com/forum/#!topic/... Standard Disclaimer: This is a non-Microsoft website.
Why do I get " credentials needed " Gmail notification?
If, the mail is not there in your webmail access or gmail, then probably you are getting fake notifications. it will be SPAM. please do not click on any links or enter the password. Delete those mails. Please check if you have any malware installed in your mobile? please uninstall the app completely and install it again. Was this reply helpful?
What should I do if I have an incorrect username or password?
I get a message saying 'correct credentials needed,' proceed to enter my login info, and am told I have an incorrect username or password, even though they both are 100% correct. Any ideas?