Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Yahoo! thinks Thunderbird sign-in is "less secure"

  • 2 replies
  • 2 have this problem
  • 12 views
  • Last reply by christ1

more options

Following today's revelations about Yahoo's security breach, I have changed my Yahoo password. But in the process I encountered a Yahoo! security setting entitled "Allow apps that use less secure sign in". The page says "Some non-Yahoo apps and devices use less secure sign-in technology, which could leave your account vulnerable. You can turn off access (which we recommend) or choose to use them despite the risks."

It turns out that Thunderbird is one of the apps that Yahoo reckons use less secure sign-in technology, so I have had to "Allow" this exception in order to access my Yahoo! account from Thunderbird.

Should I be concerned? Can anyone comment on T'bird's security of sign-in? (I am not sufficiently technical ...)

Following today's revelations about Yahoo's security breach, I have changed my Yahoo password. But in the process I encountered a Yahoo! security setting entitled "Allow apps that use less secure sign in". The page says "Some non-Yahoo apps and devices use less secure sign-in technology, which could leave your account vulnerable. You can turn off access (which we recommend) or choose to use them despite the risks." It turns out that Thunderbird is one of the apps that Yahoo reckons use less secure sign-in technology, so I have had to "Allow" this exception in order to access my Yahoo! account from Thunderbird. Should I be concerned? Can anyone comment on T'bird's security of sign-in? (I am not sufficiently technical ...)

All Replies (2)

more options

Ah. Once I had described my problem the Forum software found that @peterleggat had exactly the same issue last month, and @toad_hall had provided a useful reply. I'm not sure I follow it completely TBH - something about OAuth2.

more options

As long as you access your Yahoo account using Thunderbird via TLS this is by no means less secure. TLS means your connection to the server is encrypted. In that case you do see a little padlock at your account name in the folder pane.

Thunderbird will probably support OAuth2 authentication for Yahoo in a future version.