This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

2FA implementation w/o thunderbird

  • 4 respostas
  • 0 have this problem
  • 1 view
  • Last reply by christ1

more options

Would it be possible that the ISP provider implement 2FA only 2FA as login for the possiblity to read the mail via webmail? I ask it because I've read IMAP via thunderbird does not support 2FA? To implement 2FA in an email client like thunderbird I suppose the ISP provider must use OATH2.

Would it be possible that the ISP provider implement 2FA only 2FA as login for the possiblity to read the mail via webmail? I ask it because I've read IMAP via thunderbird does not support 2FA? To implement 2FA in an email client like thunderbird I suppose the ISP provider must use OATH2.

All Replies (4)

more options
I ask it because I've read IMAP via thunderbird does not support 2FA?

Thunderbird does support 2FA for both, POP and IMAP in connection with OAuth2 authentication, but only for certain email providers. Among them are Gmail, AOL, and Yahoo. There are a few others, which I don't remember.

more options

When you have setup an account with OAuth2 in thunderbird can an external person who knows your emailadres and (first) password also setup an email client w/o OAuth2 and read your mails?

more options

I have read to adapt thunderbird to use your gmail account with 2FA the only thing you have to do is changing the authentication method to oauth2. Does this mean you don't have to add a client-id or application password or token or something else for security?

more options
Does this mean you don't have to add a client-id or application password or token or something else for security?

Correct. You do need a second factor though, typically your phone.