• @d00ery
    link
    3
    edit-2
    9 months ago

    I access my MS Outlook emails using the Gmail app on android, I do wonder if Google does the same in storing passwords and having access to those emails. (Not defending Microsoft here, a genuine question I might even look up)

    Just skimming the text, and the fact that it shows the Microsoft login screen leads me to believe it’s not storing login details on Google servers.

    https://policies.google.com/privacy?hl=en

    Also, my source for FOSS alternatives: https://alternativeto.net/software/microsoft-office-outlook/?license=opensource

    • @elshandra
      link
      6
      edit-2
      9 months ago

      If Google and Microsoft are reading all of the emails in gmail/o365 (they could), then half of your data is probably getting caught by the recipient, or quoted in their replies anyway. Along with your email address of course. It’s a losing battle.

      e: oh you’re worried about that. There will be a token that maintains the authentication, Google (probably) won’t have your Microsoft password - they don’t need to store it, or even use it ever. The technical term is SSO (single sign-on), if you want to delve into it.

      • @d00ery
        link
        3
        edit-2
        9 months ago

        SSO, yes I wasn’t sure. Better practice than the outlook client storing login details on their server!

        Good point on the replies lol. No matter how much I might try to keep my email provider out of my data, by sending the email to someone else it their email client might share it!

        • @elshandra
          link
          2
          edit-2
          9 months ago

          Oh right, if you save your passwords in the Google browser, or your Google phone… They might be stored in Google’s servers in some fashion - to allow you to share them between devices for example. But you do have to enable this functionality (assuming Google isn’t evil).

          Well outlook is a complicated one, your credentials absolutely need to be stored in a place your (pop/imap/…) mail server can read from. Else how can they be validated. So if that’s Microsoft, then technically they have your credentials.

          Any mail provider that isn’t evil, won’t be able to read your stored credentials until current one way encryption methods are no longer safe

          e: in the case of stored/shared browser passwords, I that’s two way encryption… That’s less safe, I recommend not doing so if you can handle the inconvenience.