
OAuth doesn't provide any device info to mail provider, which limits options if a device is compromised


Hi, somehow Thunderbird forced me to use OAuth for CalDAV and CardDAV (v140 on Linux). Unless I've probably missed something, this approach doesn't seem to have considered that people might use more than one device.

In the past I had an application password per device with my mail provider. That password covered IMAP, SMTP, CalDAV and CardDAV. The application password I could set with a specific name at my mail provider. If the device was lost, compromised or whatever, I just deleted that one application password at my mail provider, problem solved.

Now a regular Thunderbird setup has the application password for mail and 2 OAuth records per device under "Connected Apps" at my mail provider. But it is not possible anymore to see which device the OAuth record belongs to, as there is nothing device-specific coming along with these OAuth records, just an IP. From that perspective OAuth weakened my security options, as I can only guess which OAuth record I have to delete in an emergency case.

Did anyone who implemented that with Thunderbird consider that people may have more than 1 device? Maybe even more than 5 devices? That OAuth approach looks unmanageable to me. Is there a way to switch OAuth off in Thunderbird, until it becomes more usable in >1 device setups?

Cheers Tjareson
