This thread was archived. Please ask a new question if you need help.
Google notice, Thunderbird not secure
Google says the following when I authenticate my Thunderbird app (MAC OS) to send and receive (IMAP/SMTP) Gmail messages. Is Google correct or mistaken about Thunderbird not being secure? Thank you
"Less secure app blocked Google blocked the app you were trying to use because it doesn't meet our security standards. Some apps and devices use less secure sign-in technology, which makes your account more vulnerable. You can turn off access for these apps, which we recommend, or turn on access if you want to use them despite the risks. Google will automatically turn this setting OFF if it's not being used."
All Replies (5)
You shouldn't get any warnings if the authentication on the incoming and outgoing servers is OAuth2. If it isn't, change to OAuth2, accept cookies in TB Preferences/Privacy & Security, remove passwords from Saved Passwords, restart TB, enter the account password in the OAuth window when prompted.
I'm sorry about my third grade level but it is not clear to me how to do the oath2 and the step by step setups approach my level of ignorance. E.g. https://www.lifewire.com/gmail-access-thunderbird-1173150#how-to-configure-your-gmail-account
As it turns out, my password box in thunderbird has an address string that includes oath2 and if it is specific to incoming or outgoing then I'm unable to discern (see attached).
I'm not clear about where to do the first step of the recommendation you shared, i.e. "If it isn't, change to OAuth2". If "it" is a setting in the thunderbird preferences I don't see it.
What do you advise?
Postscript: The problem is only getting the app to recognize Gmail password for outgoing (SMTP), incoming (IMAP) is working fine.
The authentication on the outgoing server must also be OAuth2. Tools/Account Settings, Outgoing Server (SMTP) at the bottom of the left pane. The outgoing server will (should) use the same oauth token that is already stored in Saved Passwords.
Thunderbird accesses Gmail with less secure app access turned on.
What I don't understand is what Thunderbird version is new enough to not require it by Google's standards: https://support.mozilla.org/en-US/questions/1353059
I'm not ready for 91.2 right now.