Can't signin into GMAIL account on Thunderbird
I use Thunderbird 78.8.0 and Firefox 86.0 build3
I changed my gmail password in FF and can use gmail in an FF tab but TB login fails with new or old gmail password. I recently changed Thunderbird security from 0Auth2 to 'normal password'. I tried removing my account from TB and adding back - it still fails. What did I do wrong?
Thanks in advance for any help.
All Replies (3)
If you have any desire at all for a smooth seamless exchange you will use oAth as you authentication method.
oAuth is the method Google prefer and they make you jump through hoops if you want to use any other of the supposedly offered methods.
If you use two factor authentication on Google you must also create an app password and use that for Thundebird.
If you choose normal password you must also set the less secure apps setting in Google to use less secure apps. Go here https://myaccount.google.com/lesssecureapps?pli=1 Not5e this extremely well for the future. It is Googles expressed intention to completely remove normal password as an authentication method. When they do they will remove the option to use less secure apps.
My initial advice remains. Go back to oAuth as the authentication method. It just works! I have not had any issues using it with Gmail since it was first offered in Thunderbird. It is technically significantly more secure that a normal password. I have my doubts about how that works out in reality, but it is certainly not less secure and using it just makes life easier.
Matt, thanks for responding. OK I switched back to oAuth2 and TB prompted for my gmail password, I checked my inbox then closed TB. Then I logged out of gmail via FF and reopened TB - it didn't ask for a PW. This is why I originally changed TB to 'normal password' because it seems to be storing my PW without asking. It may be encrypted but is still possibly accessible, right? How do I force TB with oAuth to ask for a PW?
Thanks in advance for any help.
No it is not storing your password, it is storing the connection authorization it was provided by Google. Your password is not stored, only the access token. When it expires Google and Thunderbird negotiate a new one based on trust that the current connection is authorized.
If you want to have oversight over those encrypted tokens, then install a master password, which will lock the encrypted store with another layer of encrypting, your master password, know only to you. So Thunderbird can not access the contents without the master password.