GMail OAuth2 Authentication Failure
I have been having authentication errors with one of my GMail accounts. I went digging and noticed that the authentication method was set to Normal Password. I know that at the end of May, Google started denying "less secure apps", so I switched the account authentication method to OAuth2.
When I hit "Get Messages", the OAuth2 window popped up as expected, and I entered my credentials and allowed access to Thunderbird. After that, still received the authentication failures.
After that, I read all the support articles I could find on this, and I tried everything anyone suggested. At this point, I have completely reinstalled Thunderbird fresh (I made sure to remove any old profiles in the %AppData% folder).
So there are no longer any old saved passwords being used instead, there is nothing of Thunderbird on my computer.
I am stuck at trying to add my GMail account. The OAuth2 window opens up, I enter my credentials and give Thunderbird access, and the error message that pops up below "Checking Password ..." is "Unable to log in at server. Probably wrong configuration, username or password."
I have double and triple-checked both username and password (and they are working in the OAuth2 window).
I have tried disabling AVG (the antivirus I use). I also disabled AVG and then turned off Windows Defender.
I even tried changing the "general.useragent.compatMode.firefox" setting to "true". That caused a different type of OAuth2 window to show, but still didn't work and got the same error.
Still no luck.
I can only assume at this point that Thunderbird is pulling the username/password from somewhere that I have no idea how to access and it is using that instead of the OAuth2 token being returned (which doesn't get saved).
Beyond that I am at a loss. Anyone with any ideas of what it might be?
Thanks, Josh
الحل المُختار
To all, thank you for your help. I finally found the problem. I will leave this here in case anyone stumbles upon this. The article that helped was here: https://support.mozilla.org/en-US/questions/1373706.
I am a software developer, and I have XAMPP with Apache running on my local machine. Apparently there is a problem with the initial authentication with Thunderbird and Apache. After turning Apache off, the authentication worked perfectly. I haven't yet tried turning it back on and running Thunderbird, but the article referenced suggests that after the first initial authentication setup, everything should work fine going forward.
Thanks again all for the help.
Read this answer in context 👍 0All Replies (16)
jswain78 said
I am stuck at trying to add my GMail account. The OAuth2 window opens up, I enter my credentials and give Thunderbird access, and the error message that pops up below "Checking Password ..." is "Unable to log in at server. Probably wrong configuration, username or password." ... I can only assume at this point that Thunderbird is pulling the username/password from somewhere that I have no idea how to access and it is using that instead of the OAuth2 token being returned (which doesn't get saved). Beyond that I am at a loss.
Quit Thunderbird, go to %AppData% and delete (recycle) the Thunderbird folder. Relaunch Thunderbird then enter your full name and email address. Leave the password field blank the click Continue. Go through the motions, see how it goes. I have no idea where else Tbird would be pulling the credentials from. Perhaps a third-party password manager is interfering.
I have tried that, both before and after a full reinstall. I have also tried it without entering my password, and entering my password, and with either the "Remember password" box checked or unchecked.
Still nothing.
Beats me. You could give Windows safe mode with networking (connect to internet via ethernet cable) a try.
Are you able to access gmail via webaccess? I believe that's the password Google wants. I'm also at a loss on this.
David, Yep, I can access GMail through a browser. Like I said, the OAuth2 window pops up, and I am able to complete that window by logging in successfully, and then "Allow"ing Thunderbird the access it needs.
Stans, that is the one thing I haven't tried yet. I can't see anything I have installed messing with the mail account, but maybe I'll give it a try and update when comlete.
I also have this or a very similar problem.
I followed the instructions on this page: Automatic Conversion of Google mail accounts to OAuth 2.0 Authentication
But my version of Thunderbird does not have the preference 'javascript.allow.mailnews' in Config Editor so I can not enable it.
Thanks
mattst said
I also have this or a very similar problem. I followed the instructions on this page: Automatic Conversion of Google mail accounts to OAuth 2.0 Authentication But my version of Thunderbird does not have the preference 'javascript.allow.mailnews' in Config Editor so I can not enable it. Thanks
Which version might that be?
Mattst, thanks for the article. I did try those things. None of it worked. So I finally just uninstalled and installed a fresh copy of the software using the most recent version. So everything is enabled correctly (i.e., javascript, cookies, etc .).
So, I just tried to set up another Gmail account I have and am getting the same error.
I also tried, on the same computer, Windows Mail (this is a Windows 11 computer). It worked perfectly for both accounts. I don't think it has anything to do with the computer or the network itself per say.
@Stans I'm using version 60.6.1 (64-bit) on Linux Mint 17 [Based On: Ubuntu 14.04.6].
I know it's old but it doesn't look like I can upgrade Thunderbird without first upgrading my OS, which will be a full day's work and not a very appealing prospect (for a few weeks at least).
Any ideas?
الحل المُختار
To all, thank you for your help. I finally found the problem. I will leave this here in case anyone stumbles upon this. The article that helped was here: https://support.mozilla.org/en-US/questions/1373706.
I am a software developer, and I have XAMPP with Apache running on my local machine. Apparently there is a problem with the initial authentication with Thunderbird and Apache. After turning Apache off, the authentication worked perfectly. I haven't yet tried turning it back on and running Thunderbird, but the article referenced suggests that after the first initial authentication setup, everything should work fine going forward.
Thanks again all for the help.
I have a better solution that works 100% of the time. Stop using gmail.
After trying to get gmail to work for about 5 hours this morning, I went into the gmail settings and set up forwarding so that any incoming mail goes to a less uppity provider. I also set up vacation response to notify people of the correct address.
Problem solved.
I read a post by the developer of pegasus mail who said that gmail uses a proprietary form of oauth2 that developers have to pay to use. So pegasus will not be supporting gmail. I don't expect thunderbird or any other developer to pay this bribe. Google should be ashamed of themselves.
n4mwd said
I don't expect thunderbird or any other developer to pay this bribe. Google should be ashamed of themselves.
You are late by almost a decade. Thunderbird has been working with Google's OAuth2 since version 38. Also, there's always the option of using an app-specific password and Normal Password authentication, which works just fine.
mattst said
@Stans I'm using version 60.6.1 (64-bit) on Linux Mint 17 [Based On: Ubuntu 14.04.6]. I know it's old but it doesn't look like I can upgrade Thunderbird without first upgrading my OS, which will be a full day's work and not a very appealing prospect (for a few weeks at least). Any ideas?
You could try Normal Password authentication using an app-specific password.
Yes that works, thanks Stans.
It won't store the app-specific password between sessions but I can copy'n'paste it in once per session until I have time to upgrade Linux Mint to the latest version.
Thanks again. :)
EDIT: It does now store the app-specific password between sessions (i.e. reboots).
Modified
Stans said
You are late by almost a decade. Thunderbird has been working with Google's OAuth2 since version 38. Also, there's always the option of using an app-specific password and Normal Password authentication, which works just fine.
When yahoo went oath2 a few years ago, they did offer app specific passwords, which worked fine, however, that was not offered with google. Or at least google made no effort to tell anybody about it. I'm using TB52 which doesn't work with oauth2 even though it lists that as an option. It just hangs TB trying to perpetually log in.
Either way, I'm no longer a gmail user so its not my problem. I think that any provider that makes a massive change like this and doesn't even offer a help page that isn't blank doesn't need me as a user. The problem is that google is so massive that its hard to get completely free of them. But dumping gmail is an easy one.
EDIT: I found some footnotes on google that said that app passwords were only available for people with 2-step authentication. I wont be part of that.
Modified