isnt that security through obscurity?

It is. But this is one of those cases where the public facing error message probably shouldn't say what authentication source is in use (same logic is already in use with Gmail auth from a cursory glance).

No the gmail plugin will error with

where PLG_GMAIL_ERROR_LOCAL_USERNAME_CONFLICT="A local username conflicts with your Gmail username."

That one's a very specific case. But the other fail messages are the generic messages. Unless I misread and the keys actually are referencing strings saying "could not connect to Google to authenticate" basically.

these keys are specific to ladp afaik
I suggest, if you do not want in future releases to still show the word ladp when a language pack is not up to date, instead of modifying the value, adding new strings where NO is replaced by NOT (for example)
JGLOBAL_AUTH_NOT_BIND
Precede the old strings by a comment
; The following 2 strings are deprecated and will be removed with 4.0.

I have tested this item ✅ successfully on 431e5e5

I followed @infograf768 suggestion and added 2 new strings.

I have tested this item ✅ successfully on 69623e6

Thanks @HLeithner

@brianteeman can you please give your ok as code owner for the language files so we can move that one forward into 3.8.8? Thanks.

No need to ask me. GitHub tells me but I am in the pub so will check later,

Fixed please review again @HLeithner @brianteeman ;)

done @Quy thanks.

I have tested this item ✅ successfully on c7c0c40

Code review

RTC. Thanks!

There is a reason for 2 strings but only for debugging usage so I'm fine with only one string