Can now only access Gmail account on Thunderbird if Google secure apps is switched off
Up until today I have not had any problems accessing my Gmail account with Thunderbird. This morning however access was denied and I was prompted to provide a new password. i tried this but each time a message came back that it was unacceptable. In the end the only solution I found was to go in to my Google account and turn off secure apps or more precisely swich to allow unsecure apps. As soon as I did this I can access my gmail account again OK but it does beg the question why does Google NOW consider the Thunderbird application to be insecure. I am running version 52.5.2 (32 bit) which shows as being up todate. I am confuse why I have the 32 bit version as my windows 7 is 64 bit? I am concerned about continuing with secure apps switched off. Is there an alternative solution which would provide access with secure apps on?
Επιλεγμένη λύση
Wow thank you Toad Hall for such a swift and detailed reply. Very much appreciated. I have tried in the past to set up IMAP but failed hence the use of POP. I will give it another go though and try and set up a new IMAP account safe in the knowledge that what I have now should be OK for a while. Thanks again
Ανάγνωση απάντησης σε πλαίσιο 👍 5Όλες οι απαντήσεις (10)
There is no need to worry. If you have created a good strength password then all will be ok. It would be a good idea not to use that same password for other logins, but that is just good practise and applies to any password for any login.
Google/gmail calls apps that don't support OAuth2 "less secure". But, that doesn't make them insecure. So what it means is gmail's meaning of LessSecureApp is basically anything that doesn’t use OAuth2.
In thunderbird, gmail Imap mail accounts can connect using OAuth2 instead of SSL/TLS.
When you initially logon with OAuth2, you will be redirect to Google’s sign-in page,. Once you have signed in, Google issues you a special OAuth2 token which is saved in Thunderbird and can be seen in the same place as passwords. So when you next logon to gmail, it is using that unique OAuth ID instead of password.
OAUTH2 is not used with POP mail accounts. If you use IMAP then you can choose to use it.
I have an imap gmail account. Below is are two images showing where Connection Security: 'OAuth2' setting is selected. The first is under 'Server Settings' for incoming. The second shows where I've set up the outgoing server to use it.
However, if you currently use POP and want to try IMAP, then you need to create a new existing mail account and Connection Security as OAuth2 is selected at that time.
Επιλεγμένη λύση
Wow thank you Toad Hall for such a swift and detailed reply. Very much appreciated. I have tried in the past to set up IMAP but failed hence the use of POP. I will give it another go though and try and set up a new IMAP account safe in the knowledge that what I have now should be OK for a while. Thanks again
Is there any danger of using Thunderbird with "Use unsecure Apps" checked Thanks
Only if you buy into the false info that Google is selling.
They want you to use their web interface so you have to see their ads and they can track your viewing habits better.
In thunderbird, gmail Imap mail accounts can connect using OAuth2 instead of SSL/TLS.
This isn't entirely correct. It's SSL/TLS regardless, just the 'Authentication type' is 'OAuth2' instead of 'Normal Password'.
I don't see any option to choose Imap , is this choosen from within Gmail or Thunderbird? As it is setup now I can see my email in either Gmail or Thunderbird, (Thunderbird if I have "use unsecure apps" checked. I am afraid of losing both email accounts if I configure improperly. Can anyone help?
James
Toad-Hall said
There is no need to worry. If you have created a good strength password then all will be ok. It would be a good idea not to use that same password for other logins, but that is just good practise and applies to any password for any login. Google/gmail calls apps that don't support OAuth2 "less secure". But, that doesn't make them insecure. So what it means is gmail's meaning of LessSecureApp is basically anything that doesn’t use OAuth2. In thunderbird, gmail Imap mail accounts can connect using OAuth2 instead of SSL/TLS. When you initially logon with OAuth2, you will be redirect to Google’s sign-in page,. Once you have signed in, Google issues you a special OAuth2 token which is saved in Thunderbird and can be seen in the same place as passwords. So when you next logon to gmail, it is using that unique OAuth ID instead of password. OAUTH2 is not used with POP mail accounts. If you use IMAP then you can choose to use it. I have an imap gmail account. Below is are two images showing where Connection Security: 'OAuth2' setting is selected. The first is under 'Server Settings' for incoming. The second shows where I've set up the outgoing server to use it. However, if you currently use POP and want to try IMAP, then you need to create a new existing mail account and Connection Security as OAuth2 is selected at that time.
I now have a regular gmail account, gmail email address and I had them working with Thunderbird until they decided that Thunderbird was not a secure App, I read the instructions above saying that I need IMAP and I now have POP in my Thunderbird App, could someone give or show me where I can find step by step how to convert my Thunderbird from a POP email to an IMAP, I don't see anywhere to create an account using IMAP and am afraid to makes things worst than they now are. Please help, Jim
Fromjim,
You're posting to a 'Solved' topic. Please start a new topic for your problem. https://support.mozilla.org/questions/new
I want to continue using POP. How do I make it work now with gmail and if I switch to allow insecure apps, what do I risk?
lhfry44 You do not risk anything providing you follow standard good practise, which you may be doing already. When you boot up computer, set up and use 'User Accounts' with a password. All passwords are stored in Thunderbird profile which by default is in your 'User Account'/'Appdata'/ 'Thunderbird'/'Profiles'/'profile name' folder, so you would need to know computer 'User Account' password to get access to see them. Do not leave your computer, logged onto 'User Account' when away from computer. Make sure the mail account password is of good length using variety of letters, numbers and special characters. Suggest you do not use that mail account password for other logins.