Avatar for Username

Pomoc pśepytaś

Glědajśo se wobšudy pomocy. Njenapominajomy was nigda, telefonowy numer zawołaś, SMS pósłaś abo wósobinske informacije pśeraźiś. Pšosym dajśo suspektnu aktiwitu z pomocu nastajenja „Znjewužywanje k wěsći daś“ k wěsći.

Learn More

Toś ta nitka jo se archiwěrowała. Pšosym stajśo nowe pšašanje, joli trjebaśo pomoc.

Yahoo! thinks Thunderbird sign-in is "less secure"

  • 2 wótegronje
  • 2 matej toś ten problem
  • 11 naglědow
  • Slědne wótegrono wót christ1

BampaOwl
BampaOwl
more options

Following today's revelations about Yahoo's security breach, I have changed my Yahoo password. But in the process I encountered a Yahoo! security setting entitled "Allow apps that use less secure sign in". The page says "Some non-Yahoo apps and devices use less secure sign-in technology, which could leave your account vulnerable. You can turn off access (which we recommend) or choose to use them despite the risks."

It turns out that Thunderbird is one of the apps that Yahoo reckons use less secure sign-in technology, so I have had to "Allow" this exception in order to access my Yahoo! account from Thunderbird.

Should I be concerned? Can anyone comment on T'bird's security of sign-in? (I am not sufficiently technical ...)

Following today's revelations about Yahoo's security breach, I have changed my Yahoo password. But in the process I encountered a Yahoo! security setting entitled "Allow apps that use less secure sign in". The page says "Some non-Yahoo apps and devices use less secure sign-in technology, which could leave your account vulnerable. You can turn off access (which we recommend) or choose to use them despite the risks." It turns out that Thunderbird is one of the apps that Yahoo reckons use less secure sign-in technology, so I have had to "Allow" this exception in order to access my Yahoo! account from Thunderbird. Should I be concerned? Can anyone comment on T'bird's security of sign-in? (I am not sufficiently technical ...)

Wšykne wótegrona (2)

BampaOwl
BampaOwl Pšašaŕ
more options

Ah. Once I had described my problem the Forum software found that @peterleggat had exactly the same issue last month, and @toad_hall had provided a useful reply. I'm not sure I follow it completely TBH - something about OAuth2.

christ1
christ1
  • Top 25 Contributor
more options

As long as you access your Yahoo account using Thunderbird via TLS this is by no means less secure. TLS means your connection to the server is encrypted. In that case you do see a little padlock at your account name in the folder pane.

Thunderbird will probably support OAuth2 authentication for Yahoo in a future version.