Re: gmail+imap+smtp (oauth2)

[Richard Stallman]

[[[ To any NSA and FBI agents reading my email: please consider    ]]]
[[[ whether defending the US Constitution against all enemies,     ]]]
[[[ foreign or domestic, requires you to follow Snowden's example. ]]]

  > your password and then a 2nd factor (fingerprint, code
  > from an authentication app, hardware key etc).

I have to ask whether there is an option for the second factor that
isn't unjust.

Google should not know your fingerprint, and anyway, can you give it
to Google without nonfree software?  I doubt it.

Is there any accepted authentication app which is free software and
runs on a free GNU/Linux system?  The word "app" suggests that they
run on nonfree snoopphone operating systems.

As for hardware keys, in principle there could be one that is
acceptable.  I investigated the Yubikey some years ago and ISTR I
found it requires nonfree software.  Which option can people
recommend?

It sounds like there may be other options not listed.  Is any of them
acceptable?

-- 
Dr Richard Stallman (https://stallman.org)
Chief GNUisance of the GNU Project (https://gnu.org)
Founder, Free Software Foundation (https://fsf.org)
Internet Hall-of-Famer (https://internethalloffame.org)