X
Tap here to go to the mobile version of the site.

Support Forum

Thunderbird has a problem with U2F

Posted

I tried to configure Thunderbird with OAuth2. After setting "Authentication method" to OAuth, and while fetching the emails, additional authentication window (think it's a browser window) poped up where I can put my credentials. I initialy used the SMS as 2-nd factor and this works well.

Than I tried to set up my second acount where I use Yubikey4 for 2nd factor amd seems that browser window does not support U2F. Therefore I cannot use my Yubikey with OAuth2 :( Normaly the diode on Yubikey starts to blink when some aps ask for verification. In this case there is no reaction (no interaction with libusb).

I changed the security.webauth.u2f to true and security.webauth.u2f_enable_usbtoken in hope that this will enable the support. Nope. I done similar thing in Firefox in hope that Thunderbird opens Firefox window for 2 factor. Still no success.

Using Google account and yubikey4. Yes I know about "insecure app's password in google" but the point is to use OAuth2 method since Thunderbird seems to support it. It works with SMS at least. The problems seems to be a missing support for U2F in browser window.

To be clear U2F works in my Firefox setup on the same machine. What is the missing piece that Thunderbird has this problem?

I tried to configure Thunderbird with OAuth2. After setting "Authentication method" to OAuth, and while fetching the emails, additional authentication window (think it's a browser window) poped up where I can put my credentials. I initialy used the SMS as 2-nd factor and this works well. Than I tried to set up my second acount where I use Yubikey4 for 2nd factor amd seems that browser window does not support U2F. Therefore I cannot use my Yubikey with OAuth2 :( Normaly the diode on Yubikey starts to blink when some aps ask for verification. In this case there is no reaction (no interaction with libusb). I changed the security.webauth.u2f to true and security.webauth.u2f_enable_usbtoken in hope that this will enable the support. Nope. I done similar thing in Firefox in hope that Thunderbird opens Firefox window for 2 factor. Still no success. Using Google account and yubikey4. Yes I know about "insecure app's password in google" but the point is to use OAuth2 method since Thunderbird seems to support it. It works with SMS at least. The problems seems to be a missing support for U2F in browser window. To be clear U2F works in my Firefox setup on the same machine. What is the missing piece that Thunderbird has this problem?

Chosen solution

Short answer is that U2F is not yet supported in TB releases, despite references to it in various preferences (TB and Firefox have much common code).

The upcoming TB 60 supports U2F, so you could try it in the beta version or RC3.

Read this answer in context 0

Additional System Details

Application

  • User Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36

More Information

sfhowes
  • Top 10 Contributor
1422 solutions 6745 answers

Chosen Solution

Short answer is that U2F is not yet supported in TB releases, despite references to it in various preferences (TB and Firefox have much common code).

The upcoming TB 60 supports U2F, so you could try it in the beta version or RC3.

Short answer is that U2F is not yet supported in TB releases, despite references to it in various preferences (TB and Firefox have much common code). The [https://www.thunderbird.net/en-US/thunderbird/60.0beta/releasenotes/ upcoming TB 60] supports U2F, so you could try it in the beta version or [http://ftp.mozilla.org/pub/thunderbird/candidates/60.0-candidates/build3/ RC3].

Question owner

Got it. Thanks!

Got it. Thanks!