Showing questions tagged: Show all questions
  • Solved
  • Archived

What's the difference between ALLOW and ALLOW for a SESSION?

Under EXCEPTIONS I had to ALLOW certain websites. Then I decided to experiment and see what ALLOWED for SESSION really does. Neither the entries for websites I allowed fo… (read more)

Under EXCEPTIONS I had to ALLOW certain websites. Then I decided to experiment and see what ALLOWED for SESSION really does.

Neither the entries for websites I allowed for a session were deleted from the list of exceptions, nor the cookies saved by these websites were deleted even when I closed the browser.

I do not see the difference in terms of what happens between selecting Allow vs. Allow for session.

Could someone who knows please explain or point me to the place that explains the difference and how this works?

Thanks.

Asked by Sue 1 year ago

Answered by jscher2000 - Support Volunteer 1 year ago

Thunderbird 91.4.1 authentication problems with gmail accounts

Yesterday, Thunderbird was automatically updated to 91.4.1 on my Windows 10 laptop. Now my gmail accounts fail to authorize. When I start Thunderbird, a splash screen app… (read more)

Yesterday, Thunderbird was automatically updated to 91.4.1 on my Windows 10 laptop. Now my gmail accounts fail to authorize. When I start Thunderbird, a splash screen appears "Secure connection failed". The title bar on the splash screen says "Enter credentials for xxxxx@gmail.com on imap.gmail.com" (xxxxx represents my username). There is nowhere to enter credentials as far as I can see. I know for sure that the password I used was correct as I just signed in to gmail using a browser. Please help!

Asked by dhayter54 5 months ago

Last reply by Toad-Hall 2 months ago

  • Solved

Gmail's upcoming OAuth2 requirement

I've been running TB38/linux for a long time and have many extensions and .css entries. In order to comply with gmail's upcoming OAuth2 requirement, I just installed TB9… (read more)

I've been running TB38/linux for a long time and have many extensions and .css entries. In order to comply with gmail's upcoming OAuth2 requirement, I just installed TB91 and copied over the contents of my TB38 profile into the newly-created profile.

Imagine my disgust to find that none of my .css entries (mostly involving fonts not dealt with in the preferences) and most of my extensions and colors are inoperative. I've been tweaking TB since it was Netscape .9 and appearance and LEGIBILITY (Arial bold) is really important for something that I use for many hours per day. Quite frankly, I hate this new version. If I have to I will use it in order to avoid losing my SORTED email going back to 1995, but I'll do it resentfully.

It has been my experience that with each update I lose something of value to me -- hence my stop at V38. What is the oldest version of Thunderbird/linux that will satisfy gmail's OAuth2 requirement?

I'm sure I'm not the only one wondering...

Asked by bashley101 2 months ago

Answered by bashley101 2 months ago

  • Solved

Gmail with Thunderbird using OAUTH2 - not Connecting nor creating a Cookie

This is my first post. But I have been reading and benefiting from all the expertise I have found here for many years! Thanks to all! Trying to plan ahead for the Gmail… (read more)

This is my first post. But I have been reading and benefiting from all the expertise I have found here for many years! Thanks to all!

Trying to plan ahead for the Gmail OAUTH2 change, I upgraded to Tbird 91.9.0.

My Account Settings all transferred to the new version. I do have multi Gmail accounts, as well as other email accounts, but from other posts here, this should matter.

While I am a long term Tbird user, I am a newbie with OAUTH2. I can't seem to connect. So I am writing here for help!

My setup: - Dell notebook running W10 - internet connection strong - am using a Netgear Nighthawk Hotspot Router, which works great with

    everything else, so I really doubt that is an issue

- testing without a firewall; running McAfee - resetting Tbird account back to "Normal Password", then Gmail connects

Incoming Server set to IMAP: imap.gmail.com:993 w SSL/TLS and OAuth2 Outgoing: smtp.gmail.com:465 w SSL/TLS and OAuth2

I have been consistently testing with the same gmail account: - YES, I know my password; it works with both the Gmail web interface,

   or after going back to "Normal Password" instead of OAUTH2

- allow any Alert emails via Gmail Web Interface, repeatedly. - Ran Captcha ... many times! In case someone else reading here needs this, it is here: https://accounts.google.com/b/0/DisplayUnlockCaptcha and you must be logged into the Gmail Web Interface when running this. I have learned to take a pause after running this, for it do its thing.

If Toad-Hall is reading this, I found your list of steps here very helpful: https://support.mozilla.org/en-US/questions/1375558 Worth repeating for others who are struggling, like me.

As recommended here: https://support.mozilla.org/en-US/questions/1373706 Cookies: all cleared Remembered Passwords: all cleared

Also looked at this: https://support.mozilla.org/en-US/questions/1375702 Originally, my cookies WERE blocked. I did need to change my Web Content as recommended in this post:

   Selected: Remember web sites and links I've visited
   Selected: Accept cookies from sites
   Accept third-party cookies: Always
   Keep until : they expire
   Not selected: 'Send web sites 'Do not track'..... 

Also: In Privacy and Security -> Web content -> Exceptions, added: https://accounts.google.com set to 'Allow' and Saved Changes. Then exit Tbird, took a short pause, started Tbird again, per the advice to properly update the files.

Should I be doing BOTH of these? This post shows options: https://support.mozilla.org/en-US/kb/automatic-conversion-google-mail-accounts-oauth20 So if I Select to accept cookies, should I also set the Exception??? I have tested various combinations of these settings, but not seeing a cookie.

In Tbird, when testing to connect, I see:

"Sign in with your Google Account" Enter my account password (I see an error msg here when I typo the password, no error when entered correctly) Also, have checked "Stay Signed In" while trying to Authorize, as recommended. then click Allow on the second screen.

After a few seconds, keep seeing popup in lower right corner of screen: "Authentication failure while connecting to server imap.gmail.com" Sometimes, this msg does not popup, which seems odd to me, but it still fails: Cookies: still empty Password: still empty

I keep updating and reading and updating the setups and testing again, but no cookies for me!


I admit I have gotten off track, testing and reading posts:

Thought my problem might involve Certificates for a while, but now do not think OAUTH2 is using Certificates. Right?

Thought for a bit it might be Javascript disabled, but I am NOT seeing the popup window that shows this error, from this post: https://support.mozilla.org/en-US/questions/1373379 refers to: https://support.mozilla.org/en-US/questions/1286410 Did find my way to Config editor: https://support.mozilla.org/en-US/questions/1349136 Followed this advice: "Click the 3-bar menu icon, Preferences, and find Config. editor at the bottom of the General section. Or, type editor in the search box at the top of Preferences." Then searched for "Javascript" and found most of settings were true, like javascript.enabled is "true". Should everything that a search for javascript finds be set to true? Since I do not see the error msg, I believe this is not my problem.


Stans posted another helpful summary here: https://support.mozilla.org/en-US/questions/1375538 "After you've changed your accounts to OAuth2, delete all records of your Google Account passwords from Thunderbird's password vault (Saved Passwords). With OAuth2, your passwords are not stored by Tbird. Instead, an OAuth2 token (a long string of meaningless characters) is stored in the password field. That's what you should see after completing the OAuth2 process for each of your accounts. You have to do it twice, once for incoming and once for outgoing server. Also, you must allow cookies in Thunderbird's Preferences, otherwise it won't work."

If I am following this correctly, after testing to try and authenticate, I should see a Cookie and a Saved Password being created but they are not.

Think this is my problem!


In Gmail web interface, I am not sure of some settings:

In Manage Your Google Account -> Security:

1. Should Sign-in 2-step verification be on/off? (its off) 2. Third Party apps w access shows Tbird (think this is new, don't recall it before) 3. Allow Less Secure App: turn off (was On for normal pswd; either way fails w OAUTH2) (think I have tested all combinations of the above, with no success) I welcome suggestions on how I should set these to connect with OAUTH2.

I feel like I am getting close here, but I am stuck. Is there anything else, maybe something I have not heard about, like Captcha, that I should try?

Have I missed a setting somewhere? Suggestions???

Meadowlark13

Asked by Meadowlark13 1 month ago

Answered by Toad-Hall 1 month ago

  • Solved
  • Archived

Firefox reports a secure connection without existing certificate

When i click on the lock icon in the address bar, nothing happens (I would expect to see the encryption and certificate, but no widget opens). When I right-click into the… (read more)

When i click on the lock icon in the address bar, nothing happens (I would expect to see the encryption and certificate, but no widget opens). When I right-click into the page and select "View Page Info", "Security", "View Certificate", no certificate exists. Only generic info is shown (Servers+Authorities). Also an error is reported in the system log, confirming that no certificate exists: JavaScript error: chrome://browser/content/browser-siteIdentity.js, line 642: TypeError: issuerCert is undefined

Questions:

  • Why does Firefox show the lock icon while no certificate exists?
  • How does Firefox establish a secure connection without having a certificate? (From my understanding a certificate is needed for TLS to work.)

Version used: Firefox 78.12.0esr ('Mozilla/5.0 (X11; FreeBSD amd64; rv:78.0) Gecko/20100101 Firefox/78.0'), no add-ons or plugins.

Asked by pmc1 9 months ago

Answered by jscher2000 - Support Volunteer 9 months ago

  • Archived

Thunderbird Linux keeps asking for passwords where it didn't before

Here's how it used to work and how I would like it to work: I start Thunderbird, it requests password(s). After I enter them correctly, Thunderbird scans for new mail a… (read more)

Here's how it used to work and how I would like it to work: I start Thunderbird, it requests password(s). After I enter them correctly, Thunderbird scans for new mail and will periodically scan for new mail. I could scan sub-folders like sent or trash without entering a password. Sending email requires inputting the password the first time. This behavior used to persist until I closed Thunderbird.

Here's how it is working now: I start Thunderbird, it requests password(s). After I enter them correctly, Thunderbird scans for new mail. Initially I can enter sub-folders soon after startup without entering a password. After some number of minutes if I click on the inbox or do a "get new mail" or enter a sub-folder, it requires I enter the password again. Thunderbird no longer checks for new mail as it seems to have forgotten the password(s) I entered. Sending an email requires entering the password every time to send, and entering the password again every time so it can be copied to the sent folder.

I've been using Thunderbird for decades and this new behavior is very frustrating. 

I recently converted one of my emails (yahoo) to oauth2 as yahoo imap will soon be disabled. I noticed the new behavior after this change, but cannot definitely attribute the undesirable behaviour to this change. After this change, the yahoo account no longer requires entering the password upon opening Thunderbird, for entering sub-folders or sending mail. This appears to be persistent.

What I've tried with no success: Run Thunderbird with addons disabled - undesired behaviour. Reinstall current version of Thunderbird - undesired behaviour. Reinstall older version of Thunderbird (clean profile forced) - undesired behaviour. Reinstall current version of Thunderbird with no yahoo account - undesired behaviour. Reinstall older version of Thunderbird (clean profile forced) with no yahoo account - undesired behaviour.

Any assistance that could be provided would be greatly appreciated.

Here's the pertinent troubleshooting info: Name Thunderbird Version 68.12.0 Build ID 20200820223055 User Agent Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.12.0 OS Linux 4.19.0-10-amd64 Profile Directory (Local drive) Build Configuration about:buildconfig Memory Use about:memory Performance about:performance Registered Service Workers about:serviceworkers Multiprocess Windows 0/0 Disabled Remote Processes 0 Enterprise Policies Inactive Google Location Service Key Missing Google Safebrowsing Key Missing Mozilla Location Service Key Missing Safe Mode false Profiles about:profiles Mail and News Accounts ID Incoming server Outgoing servers Name Connection security Authentication method Name Connection security Authentication method Default? account2 (none) Local Folders None Normal password account3 (imap) imap.gmx.net:993 SSL/TLS Normal password mail.gmx.net:587 SSL/TLS Normal password true account4 (imap) imap.googlemail.com:993 SSL/TLS Normal password smtp.googlemail.com:587 SSL/TLS Normal password true account5 (imap) imap.mail.yahoo.com:993 SSL/TLS OAuth2 smtp.mail.yahoo.com:465 SSL/TLS Normal password true

Asked by gargamon 1 year ago

Last reply by Toad-Hall 1 year ago

  • Solved
  • Archived

pups prefs.js keep coming back found by malwarebytes plus several tries to hack my email account

I found some infos but I do not trust myself just deleting the files in question since they ared all over my system. The following I found per malwarebytes which found th… (read more)

I found some infos but I do not trust myself just deleting the files in question since they ared all over my system. The following I found per malwarebytes which found the pups every day up to now:

PUP.Optional.DefaultSearch is Malwarebytes’ detection name for a family of browser hijackers targeting Chrome, Firefox and Internet Explorer. Symptoms The browsers’ default search engine was changed to one that belonged to the threat-actors. I am german so probably I need your patience in helping me to clean my system resp. Mozilla.

Looking forward Ingrid

Asked by iethomas 9 months ago

Answered by jscher2000 - Support Volunteer 9 months ago

  • Solved
  • Archived

How to hide default screen size in Firefox?

How can i hide my display/screen resolution from websites? I use Firefox in windowed mode not with my default screen size but websites know my default resolution. This ca… (read more)

How can i hide my display/screen resolution from websites? I use Firefox in windowed mode not with my default screen size but websites know my default resolution. This can be used to identify my pc. I dont want that for privacy reasons like tracking and adverstising. How can i prevent this? I found many threads/posts about this in various forums/websites. They are talking about Tor Browser and that websites can identify you if using full-screen mode. But as i said, im using Firefox not Tor and while im using windowed-mode websites still know my default resoltion. I tested this on https://whoer.net/

Another question, how can i restore the default window size in Firefox?

Asked by Firefox_Beginner 8 months ago

Answered by cor-el 7 months ago

  • Solved

Pref to block/fake font-readout?

Is there a preference in about:config to fake or simply block websites from reading the font-list of my operatingsystem? I think it is pretty ridiculous anyways that webs… (read more)

Is there a preference in about:config to fake or simply block websites from reading the font-list of my operatingsystem? I think it is pretty ridiculous anyways that websites can access this information since it has nothing todo with the webbrowser visiting the site but going beyond to spy on information that i consider private.

Same question goes for audio-readout, is there a pref to fake or block?

Asked by Firefox_Beginner 2 months ago

Answered by jscher2000 - Support Volunteer 2 months ago

  • Archived

Print preview no longer available from the inbox message listing

Before this latest update i could go to the list of messages in my inbox, rigth click on a message and selecte print preview, i was using this feature to avoid opening em… (read more)

Before this latest update i could go to the list of messages in my inbox, rigth click on a message and selecte print preview, i was using this feature to avoid opening emails that i was not sure if it was spam or something that i would be interested on. The option is no longer available with Thunderbird 91.1.1 (64-bit), what happen, why this feature was removed? Programming team running amok again? or QA team sleeping at the wheel? Please put back that option thanks

Asked by jgbittar 9 months ago

Last reply by Toad-Hall 8 months ago

  • Solved

How do I edit autofill entries

A website MultiSafepay.com has saved my CVV number in Firefox. How do I edit the autofill data? I can't get to the same payment page, to be in a position to delete it. Mo… (read more)

A website MultiSafepay.com has saved my CVV number in Firefox.

How do I edit the autofill data?

I can't get to the same payment page, to be in a position to delete it.

Most links on this matter refer to:

 Options => Privacy & Security => Forms and Autofill

However in my Version: Firefox 98.0.1 (64 bit) running on an up to date Windows 10 this feature is missing or deprecated.

Can anyone say how I could edit/delete this specific entry, or point me in the direction of where this data is stored?

In the mean time I can't recommend using Firefox for entering critical security data, where websites can allow the storage of CVV numbers.

Asked by firefox236 3 months ago

Answered by firefox236 3 months ago

  • Archived

Permissions default change

The permissions when I would initially open for set cookies was Allow now the default setting is allow for session. How could this setting be changed? I did not make the … (read more)

The permissions when I would initially open for set cookies was Allow now the default setting is allow for session. How could this setting be changed? I did not make the change. I only access the settings through page info.

Asked by Mace2 1 year ago

Last reply by Mace2 1 year ago

  • Solved
  • Archived

Huge Firefox issue. I am significantly scared.

Yesterday I went to my history to locate a prior site I had visited. There was only 1 site in history, which of course surprised me, and it was to CapitalOne.com/link … (read more)

Yesterday I went to my history to locate a prior site I had visited. There was only 1 site in history, which of course surprised me, and it was to CapitalOne.com/link accounts. This is my credit card company. I removed Firefox from my Macbook and then re-downloaded Firefox and installed. Nothing has changed. My settings are correct, meaning that I should be able to have sites visited in history, yet only the one site populates, and I've been to a lot of sites today....the credit card/link accounts site is the only site that is in history. You can imagine how nervous I am right now about doing anything on line. I sure hope that someone will help out here.

Asked by chefjeff 9 months ago

Answered by jscher2000 - Support Volunteer 9 months ago

  • Solved
  • Archived

Firefox security warning when downloading PDFs: How do I disable this?

Hi. Starting somewhat recently, Firefox has been getting in the way of me downloading certain PDFs which I know to be fine but which it thinks are insecure or a security … (read more)

Hi. Starting somewhat recently, Firefox has been getting in the way of me downloading certain PDFs which I know to be fine but which it thinks are insecure or a security hazard. I'd like to disable this security "feature" permanently. How can I do this? Thanks!

Asked by Greenhorn 7 months ago

Answered by Greenhorn 7 months ago

Autofilling password

Fire Fox has taken to auto filling my password on my brokerage account. This leaves the account available to anyone that can turn my computer on. I do not have a password… (read more)

Fire Fox has taken to auto filling my password on my brokerage account. This leaves the account available to anyone that can turn my computer on. I do not have a password saved for the brokerage account and have the company listed to be excluded. This just happened in the last few weeks.

Asked by HowieE 3 months ago

Last reply by HowieE 3 months ago

  • Archived

Unable to get my saves login (Corrupt logins file)

I recently installed my OS and backup the entire profile folder of Firefox. When I put the key4 and logins file in to the fresh install there was only one password in it,… (read more)

I recently installed my OS and backup the entire profile folder of Firefox. When I put the key4 and logins file in to the fresh install there was only one password in it, the remaining passwords were gone. I also noticed that a new file (logins.json.corrupt) is created along with file(logins.json). I tried to paste the files again to fix it but same issue. I think the files are corrupt. Is there any way to fix it?

Asked by Muhammad Hamza Umar 1 year ago

Last reply by Muhammad Hamza Umar 1 year ago

  • Solved
  • Archived

Cookies for websites setup for ALLOW (replacement for post that "disappeared")

As captured in the long thread "What's the difference between ALLOW and ALLOW for a SESSION?”, with a lot of handholding from jscher2000, I managed to set custom choices… (read more)

As captured in the long thread "What's the difference between ALLOW and ALLOW for a SESSION?”, with a lot of handholding from jscher2000, I managed to set custom choices for privacy and security the way I wanted on my mac computer (blocking all cookies in all windows, with exceptions saved for ALLOW, ALLOW for SESSION and some for BLOCK). To accomplish this, required enabling deletion of cookies when Firefox closes.

My assumption based on information I got in the above mentioned thread, was that even when deletion of cookies is checked for when Firefox is closed, cookies for websites identified as exceptions with ALLOWED, are not deleted.

However, this is not what happens. A specific example is tripcheck.com, which stores custom itineraries for cameras in cookies. I setup quite a few of these custom itineraries and saved them and they were OK until I closed Firefox, when they were deleted, as the cookie was deleted. This website is setup as ALLOW in the Exceptions list.

As explained in the above mentioned thread:

"(2) Scenario Two

[X] Delete cookies and site data when Firefox is closed (checked)

Firefox shortens cookie expiration to session only unless the site has an ALLOW permission in the exceptions list. “.

I am more confused than ever, the settings do not appear to be working the way they are meant to work, not only for session cookies but also for what should be "permanent".

Am I doing something incorrectly or am I misunderstanding how setting should work?

If cookies of websites setup for ALLOW are deleted when Firefox is closed, the setting is defeating what I am trying to accomplish: saving cookies for websites that I use and save data in cookies (such as recognizing the computer, what’s needed for 2 step authentication, etc.).

Thanks.

Asked by Sue 1 year ago

Answered by jscher2000 - Support Volunteer 1 year ago

  • Solved
  • Archived

Firefox Browser crashes

The browser crashes about every two or three days. I have enabled all four boxes in preferences (Priv & Sec settings) but the crash reporter does not appear. Is there… (read more)

The browser crashes about every two or three days. I have enabled all four boxes in preferences (Priv & Sec settings) but the crash reporter does not appear. Is there anywhere in the Fedora Linux system where I can get some info about why this keep happening?

Asked by scm999 1 year ago

Answered by scm999 1 year ago

  • Solved
  • Archived

updating firefox

If I try to update firefox browser (via "about") my system answers: It is not allowed because of administrator rules. How can I overcome this barrier? There is no adminis… (read more)

If I try to update firefox browser (via "about") my system answers: It is not allowed because of administrator rules.

How can I overcome this barrier?

There is no administrator besides myself.

Asked by Klauser 1 year ago

Answered by TyDraniu 1 year ago