On May 20, 2022, in a few days, Google will turn off "unsecure access" to Gmail from Thunderbird and Outlook. This will require changing the Thunderbird account settings … (read more)
On May 20, 2022, in a few days, Google will turn off "unsecure access" to Gmail from Thunderbird and Outlook. This will require changing the Thunderbird account settings from "Normal Password" to "OAuth2" for verification. Problem is OAuth2 verification will not work on my Windows 7 laptop. It just runs in circles. A Google page opens, asks my Google account password, accepts it, and then shows a page asking to allow access to the account. Saying yes just closes the window, but no mail gets POPed down to Thunderbird. In my testing, OAuth2 does work on my Windows 10 laptop. If you are as stubborn as me about still using the Win7 computer, you can change your Google account to use 2-factor verification. They will call you or text you every time you log in to the Google account itself, or you can buy a USB dongle. Once you have 2FA setup, you can go to the "Security" sidebar in your Google account, and create an "app password". I said "Mail" and "Windows Computer" and it generates a 16-letter password shown as all caps, but when cut-and-pasted in my Keepass password manager is all small case. You can then go back to, or stay at "Normal Password" in your Thunderbird account settings, and when the password to your Google account fails, put in the app password and check "Remember in Password manager". Then you can POP emails from Gmail again. I don't know if Outlook has these problems. I assume IMAP on Win 7 might have these problems. I did create a new T-bird profile just to try this out. I detailed that misery quest in a previous post: "Almost can get Gmail with 2FA"
The sad thing is my Google password is 15 characters alpha mixed with numeric, I assume case sensitive, and also special characters. So it is much more secure than the app password Google assigned me. Especially more secure now that hackers know our email password is 16 alpha non-case-sensitive. Oh well, that's Google for you. Don't blame them, blame the idiots that set their passwords to Password1.
After figuring out this with the new test Google accounts I made, I just switched one of my three "real" Gmail accounts to 2FA, and an app password for mail. If I read right, if you try to outsmart the system and drop out of Google 2FA, it also invalidates all your app passwords as well.
It would be nice if the T-bird team could see why OAuth2 verification fails in Win7. I posted results in my T-bird error console in that previous post. I hope this is a weird thing that only affects me, but just in case, I thought I would post this for other Win7 dinosaurs out there.