authentication of yahoo changed; yahoo still says problem.
Thunderbird 78.3.1; Fedora 32.
As instructed in two other Thunderbird threads, I changed my yahoo IMAP e-mail account authentication to "OAUTH2" for 5 e-mail accounts. The changes were done on Sept. 19, Sept. 22, Sept. 25, Sept. 28, and Oct. 01. But on Oct. 06, I received a message from yahoo in each of the 5 accounts saying "Us again. Just a reminder that your Yahoo Mail account needs your attention before 20 October 2020. [... snip ...]". A sixth account that I have not yet changed also received the same message. I've had no problems using these 5 accounts in Thunderbird since making the changes.
How do I know whether or not my changes are correct and will satisfy yahoo's new authentication requirements? How do I test?
Also, is there a way to keep IMAP, and not have all accounts automatically signed in? And is there a way to keep IMAP and log out of specific accounts without closing Thunderbird?
Chosen solution
I think the latest message from Yahoo is just a reminder to change the authentication, if it hasn't already been changed. If you changed to OAuth2 on the incoming and outgoing servers, you shouldn't have any problems on Oct. 20, but there's no way to know until that date.
I don't know of any way to have some accounts active and others not, unless you separate the two types into separate profiles.
Read this answer in context 👍 1All Replies (6)
Chosen Solution
I think the latest message from Yahoo is just a reminder to change the authentication, if it hasn't already been changed. If you changed to OAuth2 on the incoming and outgoing servers, you shouldn't have any problems on Oct. 20, but there's no way to know until that date.
I don't know of any way to have some accounts active and others not, unless you separate the two types into separate profiles.
As of today (Oct. 22, 2020), all my yahoo accounts seem to have been working for three days now. The "oauth2" conversions are working. Those messages from yahoo did not indicate that conversions still needed to be done.
sfhowes, thank-you for your help.
Copied from above:
"I changed my yahoo IMAP e-mail account authentication to "OAUTH2" for 5 e-mail accounts. The changes were done on Sept. 19, Sept. 22, Sept. 25, Sept. 28, and Oct. 01. But on Oct. 06, I received a message from yahoo in each of the 5 accounts saying "Us again. Just a reminder that your Yahoo Mail account needs your attention before 20 October 2020. [... snip ...]"."
In the USA, I got a message "from Yahoo/AT&T" to verify my account, over several days. I finally did that, then a couple of days later found that my e-mail account had been infiltrated, and my account had been set to forward all my e-mails to an account I had never heard of. This resulted in my son almost losing funds from his bank. The real Yahoo/AT&T apparently knows about this, but has not sent any warnings out. If you use Yahoo/AT&T, I recommend checking your e-mail account settings. And yes, I do have a paid security/anti-virus program running all the time, but it did not react.
No legitimate business or organization will include a link in an email that directs you to verify or confirm your account credentials. This is a standard phishing attack that exploits users' tendency to trust official-looking messages.
https://www.consumer.ftc.gov/articles/how-recognize-and-avoid-phishing-scams
for other users, bit more info here on new yahoo settings.
I looked into this when I got the messages, and it said that for Outlook (which I was using) I had to generate an extra password or something. I tried that on an account I don't use any more and it dropped dead. Further research on the yahoo site said that if I used Thunderbird, no actions needed to be taken as it was already compatible. So here I am and it's all fine.