If you've verified the password in Saved Passwords, it means the authentication method is 'normal password' instead of the recommended OAuth2. Set the authentication on all gmail accounts to OAuth2 in Server Settings for the incoming, and in Tools/Account Settings, Outgoing Server (SMTP), for the outgoing servers, remove all gmail passwords in Saved Passwords, check that cookies are allowed in TB Options/Privacy & Security, then restart TB and enter the account password in the OAuth browser window when prompted.

This didn't work for me. So, I deleted the account from both the MacOS Keychain and from Thunerbird. Then re-set up as a new account. The same behavior happens. I've never seen this before with TB/Google.

If it doesn't work, there's some external factor interfering. Try it without Keychain storing TB passwords, and disable any app that stores cookies or anything related to TB. The OAuth authentication relies on being able to store the oauth token in TB's Saved Passwords.

If I'm accessing this through the TB application, then it would be the only service accessing/storing cookies, if I'm not mistaken. I removed the account from TB and Keychain. But, curiously my other Google accounts are working fine.

TB shows no cookies being stored.

So could this be a local bug with TB? Should I try re-installing (dreadful).

I don't think it's a bug, as this is the standard method for gmail, of which there are probably millions of accounts in TB. You may not see any cookies stored, but cookies definitely need to be allowed for OAuth authentication. Check again that cookies are allowed in Options/Privacy & Security (not browser cookies). Do you have any other security besides Keychain, such as antivirus, antispam etc. acting on TB?

it was the cookies, they were not being allowed. But I do not recall ever changing that setting; I've always had it set at "site visited". Thanks!