All Products Support Forum

When I surf Youtube, Google, Facebook and anything on Firefox this following error happen every time. Please help me.

Firefox detected a potential security threat and did not continue to www.youtube.com because this website requires a secure connection.

What can you do about it?

www.youtube.com has a security policy called HTTP Strict Transport Security (HSTS), which means that Firefox can only connect to it securely. You can’t add an exception to visit this site.

The issue is most likely with the website, and there is nothing you can do to resolve it.

If you are on a corporate network or using anti-virus software, you can reach out to the support teams for assistance. You can also notify the website’s administrator about the problem.

I used to be able to send emails using Thunderbird to Office365 using SMTP, but it is no longer working, although I'm still receiving emails.

Getting the following error: Login to server smtp.office365.com with username ***@*** failed

Settings Server: smtp.office365.com Port: 587 Encryption: STARTTLS

The problem occurs with Windows and also Mac OS (I installed Thunderbird to help troubleshoot).

I'm using Office 365 Family, so there is no option to manage the users, as there is in the business version, and which has been suggested by others with the same problem.

It's unclear to me if the problem lies with Thunderbird or Microsoft (I suspect the latter). Any advice would be very welcome.

I received the following from my e-mail provider, and as a total dumbo about this, want to ask if I need to do anything about this in Thunderbird (Linux). As far as I can see, my e-mail account in Thunderbird is set to POP3, encrypted using SSL/TLs, normal password - can anyone tell me if this is OK - Thanks.

Quote: "We are contacting you because one or more of your devices or programs uses the TLS 1.0 and/or TLS 1.1 encryption protocols to connect to our mail.com email servers, or is using an unencrypted connection. This involves either access via SMTP (sending emails) or retrieval via POP3/IMAP (receiving emails).

Unfortunately, the TLS 1.0 and TLS 1.1 encryption protocols are outdated and no longer meet current security standards. To protect your email communications, soon we will no longer allow access to our mail.com servers with these outdated protocols. Unencrypted access will also no longer be possible.

After the protocols have been deactivated, the transfer of emails between your affected device or program and our mail.com servers will no longer work; i.e. no emails will be transmitted to or from your mail.com email account using TLS 1.0 and TLS 1.1. Furthermore, unencrypted SMTP/IMAP/POP3 connections will no longer function. In other words, as of Oct. 5, 2022, it will only be possible to connect if TLS 1.2 or TLS 1.3 encryption is in place." Unquote

Hi, My institution has stopped allowing mail to be sent via Thunderbird using OAuth2 because of security concerns. They write:

"While Thunderbird uses Oauth2, it doesn't use/support it fully for sending mail. As such you can authenticate with oauth2 and download/receive mail on Thunderbird, but you can't send mail. Despite saying Outgoing mail uses oAuth2, Thunderbird still requires SMTP to be turned on to use it. This negates the security benefit from the decision to end legacy authentication, and is the change we are not able to do from the new policy. If Thunderbird were to fully support/use oauth2 for sending and receiving it should work. However, while thunderbird - or other mail clients - require SMTP in order to send mail, they will not be able to properly send mail."

Does / will Thunderbird address this and update? Is there an existing solution or explanation?

An error occurred during a connection to www.facebook.com. SSL_ERROR_DC_EXPIRED What in the world? does Facebook not keep up with its own security? or is this a Firefox thing?

I recently changed Firefox settings to delete cookies for everything when I close it except the sites I use frequently. This has worked great for everything except for Google sites which sign me out every time I close the browser.

I assume there are some supporting sites for signing in to Google that need to be in the exception list, but I don't know what they might be. I'm also using Mozilla's new Multi-account Container extension in case that matters.

Thanks for taking the time to read this.

defaultPref("privacy.window.maxInnerWidth", 1000); defaultPref("privacy.window.maxInnerHeight", 1000);

Instead of 1000 what is the default value Firefox uses?

HI!

My buddy highlighted an issue, then i re-checked myself and it is worrying to me.

To recreate (windows):

Get any (non-webistaller [not nececarry, to do it this way, but simpler to check]) firefox version (buddy got a fresh portable, i used my kinda privacy fortified one). Disconnect from the internet (plug the cable for fastest result). Make your version usable (install it) Start firefox, and open the Resource Monitor, with the network tab open expand the Network Activity portion (short alphabeticly, by name, check for F for firefox). Plug the cable in.

You soon will see FF will start looking for things, then an adress with a googleusercontet.com will pop up. Does not matter what is the Homepage's default browser, does no matters even if the Homepage is set to blank, this happens.

My best bet would be google safe browsing, but still, without any activity it is already connecting to that?

I know about the Google-FF/Mozilla relation, but this really made me think about why i still like firefox.

Since yesterday I am getting this "Did Not Connect: Potential Security Issue" error on every sites that I have tried to visit. Even on well known secured sites like https://drive.google.com is inaccessible while my Chrome and Edge is working fine. Any solution?

My old computer had issues and I could't fix it, so I got a new laptop after some time. When tried to login to Firefox, I couldn't remember my account password. So I used the password reset option to reset password.

Now I don't have access to my old saved passwords which I saved in my old computer.

I have the hard disk of the old/ damaged computer, so I'm looking for a way to copy/ restore my logins/ passwords saved from the old computer hard disk to my new laptop.

Both computers are Windows 10. Any help?

Hello, I received a Yubikey 5 and all is working fine using GPG with it, except integration with Thunderbird on Windows.

I followed this guide: https://wiki.mozilla.org/Thunderbird:OpenPGP:Smartcards including 64 windows section

I was able to successfully send mail to myself, but then thunderbird failed at decrypting this message: Thunderbird is indicating that key is not available and I see no prompt from gpg-agent. Key is correctly declared as GPG external.

If I try to decrypt tis email by storing it on file and using gpg in command line, it works fine: agent is asking for Yubikey PIN and gpg is decrypting the message. But this is an awful workaround, not user friendly at all.

I also did sanity check by sending to myself a message encrypted with a key generated by Thunderbird: all is working fine, the message is decrypted within Thunderbird.

=> How do you make Thunderbird decrypt message encrypted with key stored in Yubikey? How do you make the gpg-agent called by thunderbird?

I do not have a G account. For work related purposes I have to utilize websites that bombard me with Sign in w Google. No settings within FF I found can stop this onslaught. Same goes for Ad Block Plus and a few others since disabled and deleted. No useful information on G's forum website. Firefox, I was under the impression your about user safety & security? Why O Why do I get this garbage from G daily in your browser 105.3 on Win 10 home without a way to disable it?

I'm trying to disable some pop-up blockers but I can't even find where "tools" are.

I like to ] further comment if this is going to Firefox Support. This is the most complicated mess I've ever dealt with.

I have disabled DRM content, why is firefox annoying me to enable it each time I load a website that requires it. What seems to be now the general topic, even for a simple blog... If I disabled it, I do not want to be prompted to enable it back. I know how to enable it.

Why is my browsers address bar red striped? From what I have found online, dev tools has something to do with it; something about the browser being remote controlled.

How to I remedy this?

When I enter my SMS code as part of SSL/TLS security OAuth2 authentication method (see my account5 below) I get the following: __________________________________________________ Need admin approval Thunderbird www.thunderbird.net

Thunderbird needs permission to access resources in your organisation that only an admin can grant. Please ask an admin to grant permission to this app before you can use it. Have an admin account? Sign in with that account Return to the application without granting consent __________________________________________________

I don't know what app is being refered to in the above message but I am the administrator of my account and have given full permissions for Thunderbird to cross Windows Firewall etc. etc.

Since this problem started this morning I get the busy rotating symbol when accessing my account5 mail directories and their contents do not appear to be updating.

Some of the copious troubleshooting information provided from Thunderbire Help follows: ____________________________________________________

 Application Basics

   Name: Thunderbird
   Version: 91.4.1
   Build ID: 20211216022855
   Distribution ID:

   Update Channel: release
   User Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:91.0) Gecko/20100101 Thunderbird/91.4.1
   OS: Windows_NT 6.1 7601

   Launcher Process: Enabled
   Multiprocess Windows: 0/0
   Fission Windows: 0/0
             Disabled by default
   Remote Processes: 4
   Enterprise Policies: Inactive
   Google Location Service Key: Missing
   Google Safebrowsing Key: Missing
   Mozilla Location Service Key: Missing
   Safe Mode: false

 Mail and News Accounts
   account1:
     INCOMING: account1, , (imap) outlook.office365.com:993, SSL, 3
     OUTGOING: , smtp.office365.com:587, 2, 3, true

   account2:
     INCOMING: account2, , (none) Local Folders, 0, 3

   account5:
     INCOMING: account5, , (imap) outlook.office365.com:993, SSL, 10
     OUTGOING: , smtp.office365.com:587, 2, 10, true

 Crash Reports for the Last 3 Days

 Remote Processes

   Type: Count

     Web Content: 3 / 8
     Extension: 1

 Security Software

   Type: Name

     Antivirus:
     Antispyware:
     Firewall:

 Environment Variables

   MOZ_CRASHREPORTER_DATA_DIRECTORY: C:\Users\re\AppData\Roaming\Thunderbird\Crash Reports
   MOZ_CRASHREPORTER_EVENTS_DIRECTORY: C:\Users\re\AppData\Roaming\Thunderbird\Profiles\fwghi177.IETimport\crashes\events
   MOZ_CRASHREPORTER_PING_DIRECTORY: C:\Users\re\AppData\Roaming\Thunderbird\Pending Pings
   MOZ_CRASHREPORTER_RESTART_ARG_0: C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
   MOZ_CRASHREPORTER_STRINGS_OVERRIDE: C:\Program Files (x86)\Mozilla Thunderbird\crashreporter-override.ini
   MOZ_LAUNCHER_PROCESS: 1

 Important Modified Preferences

   accessibility.typeaheadfind.flashBar: 0
   browser.cache.disk.amount_written: 849303
   browser.cache.disk.capacity: 1048576
   browser.cache.disk.filesystem_reported: 1
   browser.search.region: AU
   extensions.lastAppVersion: 91.4.1
   font.internaluseonly.changed: true
   font.name.monospace.el: Consolas
   font.name.monospace.x-cyrillic: Consolas
   font.name.monospace.x-unicode: Consolas
   font.name.monospace.x-western: Consolas
   font.name.sans-serif.el: Calibri
   font.name.sans-serif.x-cyrillic: Calibri
   font.name.sans-serif.x-unicode: Calibri
   font.name.sans-serif.x-western: Times New Roman
   font.name.serif.el: Cambria
   font.name.serif.x-cyrillic: Cambria
   font.name.serif.x-unicode: Cambria
   font.name.serif.x-western: Cambria
   font.size.monospace.el: 14
   font.size.monospace.x-cyrillic: 14
   font.size.monospace.x-unicode: 14
   font.size.monospace.x-western: 14
   font.size.variable.el: 17
   font.size.variable.x-cyrillic: 17
   font.size.variable.x-unicode: 17
   gfx.crash-guard.d3d11layers.appVersion: 91.4.1
   gfx.crash-guard.d3d11layers.deviceID: 0x0659
   gfx.crash-guard.d3d11layers.driverVersion: 8.17.12.7628
   gfx.crash-guard.d3d11layers.feature-d2d: true
   gfx.crash-guard.d3d11layers.feature-d3d11: true
   gfx.crash-guard.d3d9video.appVersion: 78.14.0
   gfx.crash-guard.d3d9video.deviceID: 0x0659
   gfx.crash-guard.d3d9video.driverVersion: 8.17.12.7628
   gfx.crash-guard.status.d3d11layers: 2
   gfx.crash-guard.status.d3d9video: 2
   gfx.crash-guard.status.wmfvpxvideo: 2
   gfx.crash-guard.wmfvpxvideo.appVersion: 78.14.0
   gfx.crash-guard.wmfvpxvideo.deviceID: 0x0659
   gfx.crash-guard.wmfvpxvideo.driverVersion: 8.17.12.7628
   idle.lastDailyNotification: 1641365785
   layers.mlgpu.sanity-test-failed: false
   media.gmp.storage.version.observed: 1
   media.hardware-video-decoding.failed: false
   network.predictor.cleaned-up: true
   network.trr.blocklist_cleanup_done: true
   places.database.lastMaintenance: 1641185870
   places.history.expiration.transient_current_max_pages: 112348
   privacy.purge_trackers.date_in_cookie_database: 0
   security.disable_button.openCertManager: false
   security.disable_button.openDeviceManager: false
   security.remote_settings.crlite_filters.checked: 1635390021
   security.remote_settings.intermediates.checked: 1635390021
   security.sandbox.content.tempDirSuffix: {bfda8a1a-634b-4d7e-8fe6-b8b6bfbd896c}
   security.sandbox.plugin.tempDirSuffix: {65f21b5f-d21c-40f9-9190-e19dcdf55ea8}
   signon.importedFromSqlite: true
   storage.vacuum.last.index: 1
   storage.vacuum.last.places.sqlite: 1641272744

 Important Locked Preferences

 fission.autostart.session: false

 Places Database

 Accessibility

   Activated: false
   Prevent Accessibility: 0
   Accessible Handler Used: true
   Accessibility Instantiator:

 Library Versions

     Expected minimum version
     Version in use

     NSPR
     4.32
     4.32

     NSS
     3.68.2
     3.68.2

     NSSSMIME
     3.68.2
     3.68.2

     NSSSSL
     3.68.2
     3.68.2

     NSSUTIL
     3.68.2
     3.68.2

 Sandbox

   Content Process Sandbox Level: 0
   Effective Content Process Sandbox Level: 1
   Win32k Lockdown State for Content Process: Win32k Lockdown disabled -- Operating system not supported

 Startup Cache

   Disk Cache Path: C:\Users\re\AppData\Local\Thunderbird\Profiles\fwghi177.IETimport\startupCache\startupCache.8.little
   Ignore Disk Cache: false
   Found Disk Cache on Init: false
   Wrote to Disk Cache: true

 Internationalisation & Localisation

     Application Settings
     Requested Locales: ["en-GB","fr"]
     Available Locales: ["en-GB","en-US","fr"]
     App Locales: ["en-GB","en-US","fr"]
     Regional Preferences: ["en-AU"]
     Default Locale: "en-GB"

     Operating System
     System Locales: ["en-US"]
     Regional Preferences: ["en-AU"]

 Remote Debugging (Chromium Protocol)

   Accepting Connections: false
   URL:

Hello I'm referencing the topic where TLS 1.0 and 1.1 support was removed but rolled back to accommodate some government agencies / sites and support for COVID-19 data

https://support.mozilla.org/en-US/questions/1290040#:~:text=Mozilla%20and%20other%20browser%20makers,and%20performance%20of%20Internet%20connections.

Quoted answer "Right, support for TLS 1.0 and TLS 1.1 has been removed few months ago, but we reverted the change for an undetermined amount of time to better enable access to critical government sites sharing COVID19 information."

Since it was referenced as "undermined amount of time", is there anything currently on your roadmap/release schedule in regards to removing support again? I have some cutover decisions I need to make and knowing if ESR for example will remove this support in 2 months may effect the direction of those. If you have anything to share, i'd really appreciate it.

Regards,

-Chad

Firefox is not remembering the cookies and data of websites that I have saved under Exceptions. These sites are saved under Exceptions but I still have to log in every single time I access those sites, regardless of the fact that are saved to the list.

Hello,

This morning when I opened Thunderbird it wouldn't accept my master/primary password. I've used the same one for years, so I know I've not forgotten it. Plus it worked yesterday!

Only thing that seems to have changed is the update to Thunderbird 91.

Any tips would be greatly appreciated.

Firefox has my credit card information and it shows up in a window when I go to pay for something, but when I click on the credit card I want to pay with, it won't autofill. In Settings, the box to autofill is checked. This has worked a hundred times before, but stopped working a few months ago. Also, I've checked the 2 relevant items in about:config an they are enabled. How do I get the autofill to start working again?