We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Email from Microsoft to update Authentication to Oauth

  • 5 replies
  • 2 have this problem
  • 3 views
  • Last reply by schro.cat

more options

I recieved emails from Microsoft to update Authentication to Oauth as support for basic authentication will soon cease. Whilst I have not been experiencing any issues, after following the instructions, also provided here:

https://support.mozilla.org/en-US/kb/microsoft-oauth-authentication-and-thunderbird-202,

I now have an unusable Thunderbird client.

This is because I am having to keep authenticating my outlook accounts (I have about ~100 email accounts). They pop up one after the other for each account.

I believe I went through all the troubleshooting steps but to no joy.

I did notice however, when the "Enter your credentials....." pop up box appears and I go through the motions of authenticating my account and TB against my Microsoft account, the following entry appears under the Settings > Saved Passwords > Saved Logins > "Provider" column for that account:

oauth://login.microsoftonline.com (https://outlook.office.com/IMAP.AccessAsUser.All https://outlook.office.com/POP.AccessAsUser.All https://outlook.office.com/SMTP.Send offline_access)

The credentials include a very long auto generated password starting similar to "M.C533_BAY.0.U.-........"

A couple of things to note now regarding the oauth entry:

1. It possibly does not always get created when re-authenticating 2. After quitting TB and then re-launching TB, it dissapears

So the solution would be to somehow ensure this entry is created and it sticks even after quitting TB, since for those accounts that include this I do not have get the "Enter your credentials....." pop up box.

Is this something TB can investigate?

I recieved emails from Microsoft to update Authentication to Oauth as support for basic authentication will soon cease. Whilst I have not been experiencing any issues, after following the instructions, also provided here: https://support.mozilla.org/en-US/kb/microsoft-oauth-authentication-and-thunderbird-202, I now have an unusable Thunderbird client. This is because I am having to keep authenticating my outlook accounts (I have about ~100 email accounts). They pop up one after the other for each account. I believe I went through all the troubleshooting steps but to no joy. I did notice however, when the "Enter your credentials....." pop up box appears and I go through the motions of authenticating my account and TB against my Microsoft account, the following entry appears under the Settings > Saved Passwords > Saved Logins > "Provider" column for that account: oauth://login.microsoftonline.com (https://outlook.office.com/IMAP.AccessAsUser.All https://outlook.office.com/POP.AccessAsUser.All https://outlook.office.com/SMTP.Send offline_access) The credentials include a very long auto generated password starting similar to "M.C533_BAY.0.U.-........" A couple of things to note now regarding the oauth entry: 1. It ''possibly'' does not always get created when re-authenticating 2. After quitting TB and then re-launching TB, it dissapears So the solution would be to somehow ensure this entry is created and it ''sticks'' even after quitting TB, since for those accounts that include this I do not have get the "Enter your credentials....." pop up box. Is this something TB can investigate?

All Replies (5)

more options

Helpful?

more options

Unfortunately, the key that gets created by changing the authentication method to Oauth (from "Normal password") somehow is removed from TB's saved password list when quitting from TB. So once it is re-launched, TB goes through the same process of passing the authentication through to the Microsoft login page. It really is quite ridiculous. If this doesn't get resolved, we won't be able to use TB anymore after the change by Microsoft.

Helpful?

more options

FYI, Yahoo and Gmail email account don't suffer this issue, i.e., the key for Oauth authentication does stick (as it should) after restarting TB.

Helpful?

more options

Do oyu have an antivirus scanning in your profile folder. Crete an exception for Thunderbird profile folder in your antivirus product and see if it is saved then.

I am seeing a lot of folk with setting that just do not get saved. But none who have replied creating an exception was not effective. I don't know if it works or they just don't reply or think it is to hard.

Helpful?

more options

By default. My AV is not configured to exclude this folder, but I can see the logic in this as a cause. I have checked the AV logs and there aren’t any activities related to this as a cause however.

Over yesterday and today, I have again updated the authentication protocol etc as per the Microsoft recommendations. I have been quite methodical, even more so than before, in that I have been making sure the Oauth2 key was created in the TB password database for each outlook mail account that I updated and restarting after each of these changes and sometimes after bundle changes.

Also often checking the TB password database to see for those that have been updated, their Oauth2 key is still listed. Sometimes I would relaunch the TB a while after shutting it down. This has been working as expected so far so I thought great, but now I am starting to get the Microsoft authentication pop up or mail accounts that have had their Oauth2 key listed in the database several occasions after TB reboot.

Then checking the TB password database, I can see a few more mail accounts that have lost their Oauth2 key. I just restarted TB and checked the TB password database only to find that now MOST of the mail accounts have lost their Oauth2 key. Again, no issues with gmail and yahoo accounts.

Not sure if I can be persuaded to exclude this folder from being AV scanned as the next step as I don’t see this being the problem and also, having the AV disabled on this folder would need a period of 2 days minimum (from the above test) and I don’t feel this would be safe.

Unfortunately, I will now need to reset the authentication for each mail account from back Oauth2 (again) as otherwise, TB is unusable.

I hope this helps.

Helpful?

Ask a question

You must log in to your account to reply to posts. Please start a new question, if you do not have an account yet.