watchOS 5 Needs Some Work When It Comes To Its Mail App

Yesterday I got a call for a woman who was highly frustrated. She had just gotten a Apple Watch Series 4 With GPS+Cellular and she had a very interesting problem that neither she or the Apple Genius Bar could solve:

  • When the watch was connected to her iPhone via Bluetooth, she had no problem sending or receiving mail via the Gmail account that was on the watch.
  • When the watch was connected to LTE, she was getting this error: “Cannot Get Mail, No connection available to retrieve messages for [Insert name of Gmail account here], Make sure to activate this account in “Apple Watch App” on your iPhone.”

Out of desperation she called me to have a look. I had a suspicion of what was going on even before I arrived at the client’s location. Gmail has a setting where you could enable or disable the use of “less secure apps”. A less secure app is one where the app can see your Gmail login and password directly. That’s a security risk if the app has been compromised by malware or is untrustworthy in some way. Instead, Google wants you to get your mail from Gmail via an app that uses an authentication protocol known as OAuth (specifically, OAuth 2). By using such an app, the app never sees your username and password. Instead, after being redirected to a Google sign in page inside the app, and using that to sign in, the app gets an OAuth 2 token that allows it get and send your email.  My suspicion was that the mail app on the Apple Watch does not support OAuth 2 while it is on LTE.

So when I arrived, I had the user log into her Gmail account. Then I had her do this:

 

  • Go to the Less secure apps section of her Google Account.
  • Turn on Allow less secure apps.

When I did that I had her leave the phone at home and then we took a walk down the block to force the Apple Watch onto LTE. Then I had her check her email from the watch and she found that she was able to get email.

Now this is an issue that Apple needs to fix as you should not have to downgrade the security of your Gmail account to allow it to be used on the Apple Watch. Thus Apple really needs to fix and add OAuth 2 support to watchOS 5.1 or later.

So I was finished with this client. Right? Well not so much.

We discovered that when you replied to an email, it would default to her iCloud account as she had both her Gmail and an iCloud account on her Apple Watch when the watch was on LTE. And there does not seem to be any clear way to change that behavior. This is something that I am continuing to investigate as I was able to replicate this behavior on my Apple Watch. However I am pretty sure that this is a bug that Apple will need to fix. But seeing as the client was able to receive email on her Apple Watch when it was on LTE for the first time since she got the watch, it was job done. But what this episode clearly illustrates that Apple does need to put in some more time and more effort into really doing meaningful QA on their products. I say that because Apple really has a great use case here with the Apple Watch as you could really utilize it to make yourself more productive when you are away from your phone. But the fact that they don’t seem to support OAuth 2 for Gmail, and they let a pretty clear bug slip through totally lets the side down. And that needs to change sooner rather than later.

 

 

Advertisements

2 Responses to “watchOS 5 Needs Some Work When It Comes To Its Mail App”

  1. Hmmm… I have TFA set up on my Gmail account and I don’t have to do any such thing to access and read and compose and reply to Mail from my Apple Watch.

    • Two factor authentication (TFA) is different from letting Gmail use “less secure apps.” As stated in the post, letting Gmail use “less secure apps” allows the use of non OAuth 2 compliant apps.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: