Gmail server is not accepting my PW anymore, I guess due to new policy restricting less secure apps. After fiddling with their instructions to manage apps that are absent from my account, I'm about to give up on gmail altogether rather than fiddling with t-bird. My version 58.2, works fine (except slow startup) and I don't like updating to avoid unwanted changes.
Any simple solution before I cancel my 20-year old gmail account?
Thank you
Visit the Community page
Join our forums
Subscribe to our email newsletter
Subscribe with RSS
Follow us on BlueSky
Follow us on Facebook
Follow us on LinkedIn
Follow us on Mastodon
The change to the new setup for Gmail was on May 30 and the old way of connecting no longer works. Thunderbird tries to automatically change a Gmail account from standard IMAP with password to OATH2 but it doesn't always work. For example, one of my Gmail accounts worked and one didn't.
For the account that failed, remove the account (both IMAP and SMTP) and then add it again using the wizard. Thunderbird should properly set it up with OAUTH2 as part of that process.
Sometimes, the impossible can become possible, if you're awesome!
Thanks for the quick reply, as always
I tried removing account yesterday (not smtp) - did not work. Now tried removing both - still freezes on "checking password".even with Google sigm-in and permissions allowed..Manual configuration says configuration could not be verified, name or PW wrong in both pop and imap. I tried manually - name and PW not accepted. Imap gave me an option to sign in with Google, but pop did not. I chose not to stay signed in and tried again wwhen it did not work, this time did not get an option to sign in with Google. Is that it then? Goodby gmail?
I'd suggest trying to install a fresh copy of the current version of Thunderbird Portable to your Desktop directory and set up your Gmail fresh in that to see if it works. Use the wizard and have it make all the settings itself. If it does, we know something in your profile of your existing version is interfering. If it doesn't, it's something with your PC or your Gmail account.
Sometimes, the impossible can become possible, if you're awesome!
from another provider. It did not work the first time cause they disable pop/imap by default. After I checked to allow it, everything went smoothly. I'm getting fed up with Google so I just might abandon it, but may try your solution later out of curiosity...Thank you again for your help!
I was thinking about Google asking for permission to allow TB access to read, edit, delete etc all correspondence...Does that mean that TB and all other platforms have full access to emails from all addresses they manage? Please enlighten, thank you
Gmail has a single 'email permission' that give whatever app you grant it to full control over all your emails (read, edit, compose, delete, re-file, etc). It's the exact same permissions Thunderbird had before the OATH change by just using IMAP.
Sometimes, the impossible can become possible, if you're awesome!
You mean everybody's correspondence is visible and controllable by all TB staff?! Some secure email providers can see (as they say) only subject lines, but not contents - not the case with TB?
From my understanding, Thunderbird stores and retrieves your email from the server and stores and synchronises a local copy, there is no intermediate Thunderbird server caching or storing so Thunderbird staff or developers can view them.
The permissions prompt asked by Gmail is because a non Google application is asking to access the mail stored by Google, hence the prompt.
If Google is so concerned about privacy why is it mandating permission to a 3d party in order to reinstate TB access? I granted permissions in 2 attempts, but still did not succeed. Does it mean that 3d party now has access to everything?!
The third party is Thunderbird. The app installed on your computer. IMAP give the exact same access you are granting now. There is no change security exposure wise.
Sometimes, the impossible can become possible, if you're awesome!
In your situation when Thunderbird is accessing Gmail, Thunderbird is the third party. If you use another different application or a different installation of the same application, Gmail will prompt for the security permissions.
For example, on my Gmail which I am accessing using both Thunderbird and Outlook, https://myaccount.google.com/security?hl=en reports both Thunderbird and Microsoft Apps & services having access to Gmail.
Edit: I had to give permissions twice, one each for Thunderbird and Outlook separately. Giving permissions to one application does not give permission to another.
to access and manage my mail as they please...early on Mozilla at least pretended to be different...
IMAP allows all of those permissions by default. When you log in to any email server with standard IMAP, it just lets you do all of that. Google has decided to change their IMAP access by restricting it to their OAUTH2 setup only, and part of that is showing you a warning of what it's going to give access to. The type of access has not changed and is just what it always was. Only Google has made any changes here and then Thunderbird was adapted to use their new login. That's all.
Sometimes, the impossible can become possible, if you're awesome!
is not relevant. Most people are not aware that by using IMAP they're giving away their privacy. The Google change simply exposed this outrageous violation of privacy. Does it mean that POP is more secure? It would seem the less one leaves on the server the less exposure to prying eyes?
Also, how would TB encrypting feature help? If I encrypt all TB mail would it still be accessible? Any negative side effects to TB encrypting?
Email has worked like this for the history of email, both POP and IMAP. A single login and password for access to your email.
Google change has the advantage of adding a notification, but it's still a single permission for all email. The disadvantage is that Gmail won't work with any email client that hasn't been updated to support OAUTH2 and had a security review by Google costing thousands of dollars. They appear to have relaxed that last bit according to the Pegasus email client developer.
If you mean encryption for the IMAP/SMTP connection, that encrypts your connection between your mail server and Thunderbird. You shouldn't use any email client or server without that enabled.
Sometimes, the impossible can become possible, if you're awesome!
would it create a problem for recipients who do not have it on their end? That's how I understood it works. In that case, it's practically unfeasible as most people don't have it...
As stated above, if you mean the encryption bit in the server configuration, that is only about the connection between you and the sending/receiving server.
If you're talking about "End-to-End Encryption", that is encryption of the actual email message using keys. This is mostly useless for the general population.
Sometimes, the impossible can become possible, if you're awesome!
what would it do in practice? Who is it really blocking?
It's similar to https. There's no reason not to enable it if it is available on the server you are connecting to. With it off, any device hop along the connection between you and the server can see every single email you are sending/receiving.
Sometimes, the impossible can become possible, if you're awesome!
None of my email addresses have VALID CERTIFICATES under Security. But there are 2 modules that could be supposedly enabled under Security Devices "Enable FIPS"? As a non-techie, I have no clue what it all means...How can I encrypt them all?
Thank you for all your help!
That's for end to end encryption, which you can't use unless the person on the other end also uses it. You've never used it for any email account before. Nor should you start now unless specific other people have it set up or you're willing and able to learn the process and walk others through it.
Sometimes, the impossible can become possible, if you're awesome!
that has no reason NOT to use it?
Click the 3 line menu, then Account Settings, then under your account select Server Settings. It should be set to SSL/TLS under Security Settings. It's probably already set this way automatically. It was likely set this way before Gmail's OAUTH2 change as well.
Sometimes, the impossible can become possible, if you're awesome!
Does it mean that google tried to tighten privacy and wanted users to sign off on the can of worms disclosed if they continue with email clients?! If I understand you correctly, SSL/TLS may shield off occasional outside hackers, but l leaves everything wide opened for everyone who has anything to do with emails - internet providers, email clients etc.?! I guess I always suspected that but google's last disclosure just confirmed it...Still, I picked TB over my ditched gmail account I had since gmail started...Convenience always wins...Too bad, in this country, unlike Europe, we always must sacrifice something for it...
Thanks for your input
I'm not sure Google's reasons. Could be to lock people in. Could be security. Could be wanting to retire the old application-specific password system. Or a combination. Worth noting that even if your email is secure on Gmail's servers and between you and Gmail, that you don't necessarily know about any email hops in between. Email was built without security in mind. Unless you encrypt a given email, it's best to treat is as not secure (don't put social security numbers or their equivalent in them, etc). That's why in the US medical providers aren't allowed to use email to communicate any healthcare info between themselves.
Sometimes, the impossible can become possible, if you're awesome!