why has thunderbird changed the way it uses passwords for gmail accounts?
I had Tbird set up to always ask for a password on each account. This always worked fine. I could get into my gmail accounts by entering a password each time. My passwords were not saved on Tbird. A couple of days ago I had to reinstall Tbird after a computer problem. I connected it to my gmail accounts and told it not to save the password. When I logged in today it hasd remembered the passwords. I deleted them. When ti tried to access the accounts instead of simply asking for a password it went through a rigmarole of "connecting through the gmail account" and I had to confirm that Tbird is allowed to access gmail. One extra step each time, annoying but not terminal. BUT and this is much more serious, Tbird then SAVES THE PASSWORDS, leaving my email accounts exposed. I tried deleting the passwords but then we went through the whole process again and it still saved them. I DON'T want to add a master password (yet another thing to forget). I DON'T want Tbird to automatically log into every account whenever I load it. I DO want to control what it reads and when it reads. What can I do to get back to the old setup?
Solution eye eponami
As of version 38 Thunderbird uses OAuth2 for authentication of Gmail accounts. This is the only way considered 'secure' by Google. http://techcrunch.com/2012/09/17/google-oauth-2-0-for-gmail-and-talk/
Basically you authenticate with your Gmail account once, and Google provides you with an authentication token. This is what Thunderbird saves as 'password'. It's not your actual Gmail password. The token will expire at some point, so you'll have to renew it in the future.
If you want to go back to the previous behavior Google lets you jump through some more hoops. You need to either allow 'less secure apps' in your Google settings, or turn on 2-step authentication in connection with an application specific password. https://support.google.com/mail/answer/78754
In Thunderbird account settings change 'authentication type' to 'normal password' for your Gmail account. Up to you.
Tanga eyano oyo ndenge esengeli 👍 4All Replies (2)
Solution eye oponami
As of version 38 Thunderbird uses OAuth2 for authentication of Gmail accounts. This is the only way considered 'secure' by Google. http://techcrunch.com/2012/09/17/google-oauth-2-0-for-gmail-and-talk/
Basically you authenticate with your Gmail account once, and Google provides you with an authentication token. This is what Thunderbird saves as 'password'. It's not your actual Gmail password. The token will expire at some point, so you'll have to renew it in the future.
If you want to go back to the previous behavior Google lets you jump through some more hoops. You need to either allow 'less secure apps' in your Google settings, or turn on 2-step authentication in connection with an application specific password. https://support.google.com/mail/answer/78754
In Thunderbird account settings change 'authentication type' to 'normal password' for your Gmail account. Up to you.
Thank you christ1 much appreciated