Mozilla VPN is currently experiencing an outage. Our team is actively working to resolve the issue. Please check the status page for real-time updates. Thank you for your patience.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

password failure

  • 1 cavab
  • 1 has this problem
  • 1 view
  • Last reply by Matt

more options

Hi, I've recently changed my password on Gmail and when entering my new password into Thunderbird I receive a message to go to: https://support.google.com/mail/accounts/answer/78754 (failure) . When looking into this, I established that for Thunderbird to work I need to tick “Allow” to let less secure apps access my Google account. Obviously for safety reasons this is not a recommended option. Is there anything I can do for Thunderbird to work without worrying that my gmail account can get hacked into?

Many thanks,

Dasha

Hi, I've recently changed my password on Gmail and when entering my new password into Thunderbird I receive a message to go to: https://support.google.com/mail/accounts/answer/78754 (failure) . When looking into this, I established that for Thunderbird to work I need to tick “Allow” to let less secure apps access my Google account. Obviously for safety reasons this is not a recommended option. Is there anything I can do for Thunderbird to work without worrying that my gmail account can get hacked into? Many thanks, Dasha

All Replies (1)

more options

Two issues here. 1. Less secure is entirety subjective. Google call is less secure. Everyone else on the planet involved with email call it standard. THey are in fact forcing a web authentication standard oAuth2.0. So now mail clients not designed as web browsers are forced to do so. A far more risky arrangment then a standard username and password arrangement.

2. Thunderbird 38 supports oAuth2.0 for Gmail IMAP mail accounts. Be it for better or worse.

Your choice really. I do not use oAuth2.0.