You are here

Lost connection to gmail

26 posts / 0 new
Last post
mozfan
Offline
Last seen: 1 month 1 week ago
Joined: 2013-10-31 19:51
Lost connection to gmail

Gmail server is not accepting my PW anymore, I guess due to new policy restricting less secure apps. After fiddling with their instructions to manage apps that are absent from my account, I'm about to give up on gmail altogether rather than fiddling with t-bird. My version 58.2, works fine (except slow startup) and I don't like updating to avoid unwanted changes.

Any simple solution before I cancel my 20-year old gmail account?

Thank you

John T. Haller
John T. Haller's picture
Online
Last seen: 9 sec ago
AdminDeveloperModeratorTranslator
Joined: 2005-11-28 22:21
Remove and Re-Add

The change to the new setup for Gmail was on May 30 and the old way of connecting no longer works. Thunderbird tries to automatically change a Gmail account from standard IMAP with password to OATH2 but it doesn't always work. For example, one of my Gmail accounts worked and one didn't.

For the account that failed, remove the account (both IMAP and SMTP) and then add it again using the wizard. Thunderbird should properly set it up with OAUTH2 as part of that process.

Sometimes, the impossible can become possible, if you're awesome!

mozfan
Offline
Last seen: 1 month 1 week ago
Joined: 2013-10-31 19:51
not working

Thanks for the quick reply, as always Smile I tried removing account yesterday (not smtp) - did not work. Now tried removing both - still freezes on "checking password".even with Google sigm-in and permissions allowed..Manual configuration says configuration could not be verified, name or PW wrong in both pop and imap. I tried manually - name and PW not accepted. Imap gave me an option to sign in with Google, but pop did not. I chose not to stay signed in and tried again wwhen it did not work, this time did not get an option to sign in with Google. Is that it then? Goodby gmail?

John T. Haller
John T. Haller's picture
Online
Last seen: 9 sec ago
AdminDeveloperModeratorTranslator
Joined: 2005-11-28 22:21
Temporary Fresh Install

I'd suggest trying to install a fresh copy of the current version of Thunderbird Portable to your Desktop directory and set up your Gmail fresh in that to see if it works. Use the wizard and have it make all the settings itself. If it does, we know something in your profile of your existing version is interfering. If it doesn't, it's something with your PC or your Gmail account.

Sometimes, the impossible can become possible, if you're awesome!

mozfan
Offline
Last seen: 1 month 1 week ago
Joined: 2013-10-31 19:51
I just created a new email account

from another provider. It did not work the first time cause they disable pop/imap by default. After I checked to allow it, everything went smoothly. I'm getting fed up with Google so I just might abandon it, but may try your solution later out of curiosity...Thank you again for your help!

mozfan
Offline
Last seen: 1 month 1 week ago
Joined: 2013-10-31 19:51
question

I was thinking about Google asking for permission to allow TB access to read, edit, delete etc all correspondence...Does that mean that TB and all other platforms have full access to emails from all addresses they manage? Please enlighten, thank you

John T. Haller
John T. Haller's picture
Online
Last seen: 9 sec ago
AdminDeveloperModeratorTranslator
Joined: 2005-11-28 22:21
Permission

Gmail has a single 'email permission' that give whatever app you grant it to full control over all your emails (read, edit, compose, delete, re-file, etc). It's the exact same permissions Thunderbird had before the OATH change by just using IMAP.

Sometimes, the impossible can become possible, if you're awesome!

mozfan
Offline
Last seen: 1 month 1 week ago
Joined: 2013-10-31 19:51
I guess I justs didn't think about it...

You mean everybody's correspondence is visible and controllable by all TB staff?! Some secure email providers can see (as they say) only subject lines, but not contents - not the case with TB?

Dominic Tey
Offline
Last seen: 5 hours 20 min ago
Joined: 2021-11-18 05:39
Thunderbird mail stored locally under your control

From my understanding, Thunderbird stores and retrieves your email from the server and stores and synchronises a local copy, there is no intermediate Thunderbird server caching or storing so Thunderbird staff or developers can view them.

The permissions prompt asked by Gmail is because a non Google application is asking to access the mail stored by Google, hence the prompt.

mozfan
Offline
Last seen: 1 month 1 week ago
Joined: 2013-10-31 19:51
What 3d party is it?

If Google is so concerned about privacy why is it mandating permission to a 3d party in order to reinstate TB access? I granted permissions in 2 attempts, but still did not succeed. Does it mean that 3d party now has access to everything?!

John T. Haller
John T. Haller's picture
Online
Last seen: 9 sec ago
AdminDeveloperModeratorTranslator
Joined: 2005-11-28 22:21
Thunderbird

The third party is Thunderbird. The app installed on your computer. IMAP give the exact same access you are granting now. There is no change security exposure wise.

Sometimes, the impossible can become possible, if you're awesome!

Dominic Tey
Offline
Last seen: 5 hours 20 min ago
Joined: 2021-11-18 05:39
Third Party permissions

In your situation when Thunderbird is accessing Gmail, Thunderbird is the third party. If you use another different application or a different installation of the same application, Gmail will prompt for the security permissions.

For example, on my Gmail which I am accessing using both Thunderbird and Outlook, https://myaccount.google.com/security?hl=en reports both Thunderbird and Microsoft Apps & services having access to Gmail.

Edit: I had to give permissions twice, one each for Thunderbird and Outlook separately. Giving permissions to one application does not give permission to another.

mozfan
Offline
Last seen: 1 month 1 week ago
Joined: 2013-10-31 19:51
I don't reemember giving permissions to anyone

to access and manage my mail as they please...early on Mozilla at least pretended to be different...

John T. Haller
John T. Haller's picture
Online
Last seen: 9 sec ago
AdminDeveloperModeratorTranslator
Joined: 2005-11-28 22:21
IMAP has no permissions

IMAP allows all of those permissions by default. When you log in to any email server with standard IMAP, it just lets you do all of that. Google has decided to change their IMAP access by restricting it to their OAUTH2 setup only, and part of that is showing you a warning of what it's going to give access to. The type of access has not changed and is just what it always was. Only Google has made any changes here and then Thunderbird was adapted to use their new login. That's all.

Sometimes, the impossible can become possible, if you're awesome!

mozfan
Offline
Last seen: 1 month 1 week ago
Joined: 2013-10-31 19:51
Whether it was always like that or not

is not relevant. Most people are not aware that by using IMAP they're giving away their privacy. The Google change simply exposed this outrageous violation of privacy. Does it mean that POP is more secure? It would seem the less one leaves on the server the less exposure to prying eyes?

Also, how would TB encrypting feature help? If I encrypt all TB mail would it still be accessible? Any negative side effects to TB encrypting?

John T. Haller
John T. Haller's picture
Online
Last seen: 9 sec ago
AdminDeveloperModeratorTranslator
Joined: 2005-11-28 22:21
Always Like That. Separate

Email has worked like this for the history of email, both POP and IMAP. A single login and password for access to your email.

Google change has the advantage of adding a notification, but it's still a single permission for all email. The disadvantage is that Gmail won't work with any email client that hasn't been updated to support OAUTH2 and had a security review by Google costing thousands of dollars. They appear to have relaxed that last bit according to the Pegasus email client developer.

If you mean encryption for the IMAP/SMTP connection, that encrypts your connection between your mail server and Thunderbird. You shouldn't use any email client or server without that enabled.

Sometimes, the impossible can become possible, if you're awesome!

mozfan
Offline
Last seen: 1 month 1 week ago
Joined: 2013-10-31 19:51
if I enable encryption

would it create a problem for recipients who do not have it on their end? That's how I understood it works. In that case, it's practically unfeasible as most people don't have it...

John T. Haller
John T. Haller's picture
Online
Last seen: 9 sec ago
AdminDeveloperModeratorTranslator
Joined: 2005-11-28 22:21
Which One?

As stated above, if you mean the encryption bit in the server configuration, that is only about the connection between you and the sending/receiving server.

If you're talking about "End-to-End Encryption", that is encryption of the actual email message using keys. This is mostly useless for the general population.

Sometimes, the impossible can become possible, if you're awesome!

mozfan
Offline
Last seen: 1 month 1 week ago
Joined: 2013-10-31 19:51
so if I enable encryption in TB server options

what would it do in practice? Who is it really blocking?

John T. Haller
John T. Haller's picture
Online
Last seen: 9 sec ago
AdminDeveloperModeratorTranslator
Joined: 2005-11-28 22:21
Similar to HTTPS

It's similar to https. There's no reason not to enable it if it is available on the server you are connecting to. With it off, any device hop along the connection between you and the server can see every single email you are sending/receiving.

Sometimes, the impossible can become possible, if you're awesome!

mozfan
Offline
Last seen: 1 month 1 week ago
Joined: 2013-10-31 19:51
Boy, that opened a whole new can of worms...

None of my email addresses have VALID CERTIFICATES under Security. But there are 2 modules that could be supposedly enabled under Security Devices "Enable FIPS"? As a non-techie, I have no clue what it all means...How can I encrypt them all?
Thank you for all your help!

John T. Haller
John T. Haller's picture
Online
Last seen: 9 sec ago
AdminDeveloperModeratorTranslator
Joined: 2005-11-28 22:21
That's EndToEnd

That's for end to end encryption, which you can't use unless the person on the other end also uses it. You've never used it for any email account before. Nor should you start now unless specific other people have it set up or you're willing and able to learn the process and walk others through it.

Sometimes, the impossible can become possible, if you're awesome!

mozfan
Offline
Last seen: 1 month 1 week ago
Joined: 2013-10-31 19:51
so where do I enable the one you menioned earlier

that has no reason NOT to use it?

John T. Haller
John T. Haller's picture
Online
Last seen: 9 sec ago
AdminDeveloperModeratorTranslator
Joined: 2005-11-28 22:21
Account Settings

Click the 3 line menu, then Account Settings, then under your account select Server Settings. It should be set to SSL/TLS under Security Settings. It's probably already set this way automatically. It was likely set this way before Gmail's OAUTH2 change as well.

Sometimes, the impossible can become possible, if you're awesome!

mozfan
Offline
Last seen: 1 month 1 week ago
Joined: 2013-10-31 19:51
Yes, it was already set up

Does it mean that google tried to tighten privacy and wanted users to sign off on the can of worms disclosed if they continue with email clients?! If I understand you correctly, SSL/TLS may shield off occasional outside hackers, but l leaves everything wide opened for everyone who has anything to do with emails - internet providers, email clients etc.?! I guess I always suspected that but google's last disclosure just confirmed it...Still, I picked TB over my ditched gmail account I had since gmail started...Convenience always wins...Too bad, in this country, unlike Europe, we always must sacrifice something for it...

Thanks for your input

John T. Haller
John T. Haller's picture
Online
Last seen: 9 sec ago
AdminDeveloperModeratorTranslator
Joined: 2005-11-28 22:21
Not Sure, Email is not a secure medium

I'm not sure Google's reasons. Could be to lock people in. Could be security. Could be wanting to retire the old application-specific password system. Or a combination. Worth noting that even if your email is secure on Gmail's servers and between you and Gmail, that you don't necessarily know about any email hops in between. Email was built without security in mind. Unless you encrypt a given email, it's best to treat is as not secure (don't put social security numbers or their equivalent in them, etc). That's why in the US medical providers aren't allowed to use email to communicate any healthcare info between themselves.

Sometimes, the impossible can become possible, if you're awesome!

Log in or register to post comments