X
Tap here to go to the mobile version of the site.

Support Forum

Google Security claims that Thunderbird is a security risk and keeps blocking email login to gmail.

Posted

What is going on? What google security are they saying you violating? There are no details -- no list of apps, no specifics and no way to manage fine access control parameters. What is going on here. All I can tell is that they block access, tell me the password is not accepted, and that I have an insecure app somewhere on my MAC. They direct me to their security with no additional management tool than the "turn it all off" button. Sounds political as well as problematic. I participate in security practice but this is just not sufficient.

What is going on? What google security are they saying you violating? There are no details -- no list of apps, no specifics and no way to manage fine access control parameters. What is going on here. All I can tell is that they block access, tell me the password is not accepted, and that I have an insecure app somewhere on my MAC. They direct me to their security with no additional management tool than the "turn it all off" button. Sounds political as well as problematic. I participate in security practice but this is just not sufficient.
Attached screenshots

Chosen solution

IMAP is ok, but what Authentication Method ? 'Normal Password' ? If yes, then gmail will need you to select 'less secure apps' option.

Matt mentioned you should try 'Oauth2'. If you change Authentication Method to use 'OAuth2' in both incoming server settings and outgoing server settings and restart Thunderbird, gmail will prompt you to enter password and then a token is created and stored in same place as passwords. From then onwwards the token is used and you do not need to use 'less secure apps'.

Read this answer in context 0

Additional System Details

Application

  • User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:67.0) Gecko/20100101 Firefox/67.0

More Information

Matt
  • Top 10 Contributor
  • Moderator
3234 solutions 22217 answers

it is political on Googles part, but all you need to do is use oAuth as your authentcation method (IMAP AND SMPT) and do not use a proxy as Google thinks you are logging in from the wrong part of the world.

it is political on Googles part, but all you need to do is use oAuth as your authentcation method (IMAP AND SMPT) and do not use a proxy as Google thinks you are logging in from the wrong part of the world.

Question owner

I already use IMAP and SMTP

I already use IMAP and SMTP
Toad-Hall
  • Top 10 Contributor
1739 solutions 11638 answers

Chosen Solution

IMAP is ok, but what Authentication Method ? 'Normal Password' ? If yes, then gmail will need you to select 'less secure apps' option.

Matt mentioned you should try 'Oauth2'. If you change Authentication Method to use 'OAuth2' in both incoming server settings and outgoing server settings and restart Thunderbird, gmail will prompt you to enter password and then a token is created and stored in same place as passwords. From then onwwards the token is used and you do not need to use 'less secure apps'.

IMAP is ok, but what Authentication Method ? 'Normal Password' ? If yes, then gmail will need you to select 'less secure apps' option. Matt mentioned you should try 'Oauth2'. If you change Authentication Method to use 'OAuth2' in both incoming server settings and outgoing server settings and restart Thunderbird, gmail will prompt you to enter password and then a token is created and stored in same place as passwords. From then onwwards the token is used and you do not need to use 'less secure apps'.

Modified by Toad-Hall

jell 0 solutions 15 answers

Matt said

it is political on Googles part, but all you need to do is use oAuth as your authentcation method (IMAP AND SMPT) and do not use a proxy as Google thinks you are logging in from the wrong part of the world.

How is it political?

''Matt [[#answer-1228127|said]]'' <blockquote> it is political on Googles part, but all you need to do is use oAuth as your authentcation method (IMAP AND SMPT) and do not use a proxy as Google thinks you are logging in from the wrong part of the world. </blockquote> How is it political?
jell 0 solutions 15 answers

And why doesn't Thunderbird meet Gmail's standards?

And why doesn't Thunderbird meet Gmail's standards?
Matt
  • Top 10 Contributor
  • Moderator
3234 solutions 22217 answers

jell said

Matt said
it is political on Googles part, but all you need to do is use oAuth as your authentcation method (IMAP AND SMPT) and do not use a proxy as Google thinks you are logging in from the wrong part of the world.

How is it political?

They want you to leave all of their mail on their server and use their provided apps so they miss exactly nothing in your life to sell adds about.

jell said

And why doesn't Thunderbird meet Gmail's standards?

It does, but legacy accounts are still configured for normal password not Oauth. Yet others do not want to use the new authentication for whatever reason.

I suggest you invest some time in Google instead of asking questions on topics that are marked solved and spamming everyone in the topic with you ideas.

''jell [[#answer-1244717|said]]'' <blockquote> ''Matt [[#answer-1228127|said]]'' <blockquote> it is political on Googles part, but all you need to do is use oAuth as your authentcation method (IMAP AND SMPT) and do not use a proxy as Google thinks you are logging in from the wrong part of the world. </blockquote> How is it political? </blockquote> They want you to leave all of their mail on their server and use their provided apps so they miss exactly nothing in your life to sell adds about. ''jell [[#answer-1244718|said]]'' <blockquote> And why doesn't Thunderbird meet Gmail's standards? </blockquote> It does, but legacy accounts are still configured for normal password not Oauth. Yet others do not want to use the new authentication for whatever reason. I suggest you invest some time in Google instead of asking questions on topics that are marked solved and spamming everyone in the topic with you ideas.