Avatar for Username

Iskanje po podpori

Izogibajte se prevarantski tehnični podpori. Nikoli vam ne bomo naročili, da pokličete telefonsko številko ali nam pošljete osebne podatke. Sumljivo dejavnost prijavite z gumbom »Prijavi zlorabo«.

Več o tem

Ta tema je arhivirana. Postavite prosim novo vprašanje, če potrebujete pomoč.

Why can I still download new emails after changing my pword via the web site of my email provider, but have not yet changed it in Thunderbird?

  • 4 odgovori
  • 1 ima to težavo
  • 29 ogledov
  • Zadnji odgovor od Dashour

Dashour
Dashour
more options

Normally, when I change my email password, I do it on the email providers web site. Once the password is changed that way, I cannot download email into thunderbird until I have also changed the password that Thunderbird uses to access my email account. This is usually done via a pop up window in thunderbird that asks me for the password.

However, I have just changed my email password as normal, but thunderbird can still download my email from that account without asking at all the new password, and when I checked in "saved passwords" the OLD password is still listed (but not, of course, the new one)

I have repeated tested out the new password on my providers web site, and indeed the new password now works, and the old password does not work - except in Thunderbird, where it continues to work. Why?

Normally, when I change my email password, I do it on the email providers web site. Once the password is changed that way, I cannot download email into thunderbird until I have also changed the password that Thunderbird uses to access my email account. This is usually done via a pop up window in thunderbird that asks me for the password. However, I have just changed my email password as normal, but thunderbird can still download my email from that account without asking at all the new password, and when I checked in "saved passwords" the OLD password is still listed (but not, of course, the new one) I have repeated tested out the new password on my providers web site, and indeed the new password now works, and the old password does not work - except in Thunderbird, where it continues to work. Why?

Izbrana rešitev

dashour said

Ok Matt many thanks for that answer. Uhm, is this something I should be concerned about?

No.

My main concern was that my old password could still be used by somebody - but this sounds like that's not the case, right?

Right.

Preberite ta odgovor v kontekstu 👍 1

Vsi odgovori (4)

Matt
Matt
  • Top 25 Contributor
  • Moderator
more options

My guess is you are using Oauth2.0 to authenticate. It uses token created when you enter your password the first time and will continue to work until the provider revokes them in some cases for ever.

The Oauth folks have information on their web site https://www.oauth.com/oauth2-servers/access-tokens/access-token-lifetime/

Exactly what "model" is in use in your case I have no idea.

Google discuss their implementation here https://developers.google.com/identity/protocols/OAuth2UserAgent#validate-access-token As that is the main use of Oauth in Thunderbird I am assuming it is their implementation.

Dashour
Dashour Lastnik vprašanja
more options

Ok Matt many thanks for that answer. Uhm, is this something I should be concerned about? My main concern was that my old password could still be used by somebody - but this sounds like that's not the case, right? Thanks.

Matt
Matt
  • Top 25 Contributor
  • Moderator
more options

Izbrana rešitev

dashour said

Ok Matt many thanks for that answer. Uhm, is this something I should be concerned about?

No.

My main concern was that my old password could still be used by somebody - but this sounds like that's not the case, right?

Right.

Spremenil Matt

Dashour
Dashour Lastnik vprašanja
more options

Many thanks Matt. A quick reply, for free, it doesn't get better than that. Cheers.