Join the Mozilla’s Test Days event from Dec 2–8 to test the new Firefox address bar on Firefox Beta 134 and get a chance to win Mozilla swag vouchers! 🎁

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

After I have change email password from gmail, why Thunderbird not asked me to entry my new password? In Windows Live Mail, they asked my new password.

  • 11 replies
  • 4 have this problem
  • 4 views
  • Last reply by Tonnes

more options

After I have change email password from gmail, why Thunderbird not asked me to entry my new password? In Windows Live Mail, they asked my new password.

If someone have known my email password, and he/she use Thunderbird to open my email account, so it's useless for me to change my password periodically. Because he/she still can open my email from Thunderbird.

When I use Windows Live Mail, I have to enter my new email password, if I have change my email password from gmail or other mail.

Thank you. Yuni

After I have change email password from gmail, why Thunderbird not asked me to entry my new password? In Windows Live Mail, they asked my new password. If someone have known my email password, and he/she use Thunderbird to open my email account, so it's useless for me to change my password periodically. Because he/she still can open my email from Thunderbird. When I use Windows Live Mail, I have to enter my new email password, if I have change my email password from gmail or other mail. Thank you. Yuni

Chosen solution

YuniJoyo said

... use Thunderbird to open my email account, ... still can open my email ... he/she can just open it ...

Some users probably expect to enter a password in order to be able to open the Inbox in Thunderbird.

To cut it short: Thunderbird uses - an email password to retrieve new mail (like any other email application) - (optional) a Master password to access sensitive information, e.g. when viewing stored email passwords

Windows Live Mail may require entering an email password to access exisiting email in the Inbox ("open email"), like any web client. (I’m not sure if Windows Live mail refers to the application, but if so, apparently it does). Thunderbird however will open the email Inbox anyway showing existing (already retrieved) email, but it will ask for the email password for and only when retrieving new email.

Therefore, there is no reason to fear other users from accessing new email after the password was changed since Thunderbird should simply ask for the new one. There is no way any email client would be able to access a mail server’s email using an old password either entered or stored locally. Moreover, if another user uses Windows Live Mail or a web client and uses your old password, he/she apparently will not even be able to access/open existing email.

Asking for a password to open the Inbox in Thunderbird would require a feature change. However I’m not sure if that will ever make it, since locally stored email will be readable on file level anyway and in various ways, so adding it would not be a real security feature. If privacy is your concern, consider using POP and be sure not to leave messages on the server after retrieving them. Of course that will prevent the email from being read using a web client afterwards, but leaving any email to be accessible by web may be considered as a privacy risk.

Read this answer in context 👍 0

All Replies (11)

more options

I have no idea what your issue is. Is Thunderbird getting your mail or not?

more options

Matt said

I have no idea what your issue is. Is Thunderbird getting your mail or not?

YuniJoyo said

After I have change email password from gmail, why Thunderbird not asked me to entry my new password? In Windows Live Mail, they asked my new password. If someone have known my email password, and he/she use Thunderbird to open my email account, so it's useless for me to change my password periodically. Because he/she still can open my email from Thunderbird. When I use Windows Live Mail, I have to enter my new email password, if I have change my email password from gmail or other mail. Thank you. Yuni
more options

If you change the password with your email provider the old one stored in Thunderbird no longer works. How would someone get your mail using Thunderbird?

more options

Hi Matt,

Thank you for your reply.

I use 2 email application: Thunderbird and Windows Live Mail to manage my email.

Periodically I change my email password from gmail. After I have changed my email password , so I have to entry my new email password to the Windows Live Mail. If I do not entry my new email password , then I can not open my email account from the Windows Live Mail.

But why in Thunderbird, they do not ask me to entry my new email password? and I still can manage (read, write, delete) my email in Thunderbird application.

If so, and it turns out there is someone who has stolen my email password, and he opened my mail through thunderbird as well, then it's useless I change my email password periodically, because he will still be able to see my email through Thunderbird without verification to my new email password.

Thank you. Yuni

more options

Gmail can use several different types of password. One of these is an "application-specific" password which is set up when first adding the account to Thunderbird. This is probably what has been stored in Thunderbird and it is separate from and different to the regular Gmail password which you use in other contexts.

If you go to Tools|Options|Security|Passwords->Saved Passwords (in Thunderbird) you can find and even remove this password, then Thunderbird will have to ask you for a new password. But it will not accept your regular Gmail password, unless you switch back to using regular passwords and disable two-factor or OAuth2 passwords. I'm really not sure what happens if you delete this "application-specific" password. I suspect it could become quite messy.

Go look at it, anyway. I'm pretty sure the password you see in the password store is not one you know. I'd advise against deleting it.

more options

Password which I have changed periodically through gmail is the password to open my email , not the gmail account password or anything .

When I add an email account to Thunderbird , then I have to enter my email password. Likewise, someone who has stolen my email password and tried to open my confidential email , he/she can just open it through Thunderbird by entering my email password that he/she knew before I have changed it.

And after I have changed my email password, because of Thunderbird not ask him to entry new email password, so he/she still can open all my secret email through Thunderbird, until he/she delete my account from his Thunderbird.


Whatever the cause , it could be dangerous if he/she can still see all my confidential email me though I 've changed my email password.

In Windows Live Mail , if any changes in email passwords , so we could not open our email account before we enter the new email password.

Thank you.

more options

Did you look at the password stored in Thunderbird?

Was it the one you expected to see?

Did you delete it?

more options

If I could delete it , then others can do the same thing . That means if I know other people's email password , and then I added that email account to my Thunderbird, so I will be able to see other people's secrets email forever until I delete that email account via Thunderbird.

more options

Please try something rather than lecturing us on what you think will happen. Use the Master Password if you want to be sure no one else can "Get at" your precious passwords. You can choose not to let Thunderbird store passwords if you don't want to trust it with them.

Did you look at the stored passwords? Are they what you expected to see? Did you delete them? (both for sending and receiving?)

If it's working properly, when Thunderbird doesn't know a password, it asks the user to enter the correct password. We can't tell yet if your Thunderbird is working properly.

Until we know which password you see in Thunderbird's store, we don't know if you really have a problem to solve.

more options

Duplicate posting removed.

Modified by Zenos

more options

Chosen Solution

YuniJoyo said

... use Thunderbird to open my email account, ... still can open my email ... he/she can just open it ...

Some users probably expect to enter a password in order to be able to open the Inbox in Thunderbird.

To cut it short: Thunderbird uses - an email password to retrieve new mail (like any other email application) - (optional) a Master password to access sensitive information, e.g. when viewing stored email passwords

Windows Live Mail may require entering an email password to access exisiting email in the Inbox ("open email"), like any web client. (I’m not sure if Windows Live mail refers to the application, but if so, apparently it does). Thunderbird however will open the email Inbox anyway showing existing (already retrieved) email, but it will ask for the email password for and only when retrieving new email.

Therefore, there is no reason to fear other users from accessing new email after the password was changed since Thunderbird should simply ask for the new one. There is no way any email client would be able to access a mail server’s email using an old password either entered or stored locally. Moreover, if another user uses Windows Live Mail or a web client and uses your old password, he/she apparently will not even be able to access/open existing email.

Asking for a password to open the Inbox in Thunderbird would require a feature change. However I’m not sure if that will ever make it, since locally stored email will be readable on file level anyway and in various ways, so adding it would not be a real security feature. If privacy is your concern, consider using POP and be sure not to leave messages on the server after retrieving them. Of course that will prevent the email from being read using a web client afterwards, but leaving any email to be accessible by web may be considered as a privacy risk.