This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

I use Thunderbird as email client to gmail (I think my terminology is right?), gmail is telling me that Thunderbird as an app has poor security. Please advise.

  • 1 reply
  • 1 has this problem
  • 5 views
  • Last reply by Matt

more options

My thunderbird synchronises just fine with gmail. But recently gmail has been sending me messages advising security issues with thunderbird - per copied message below (if I tighten security settings thunderbird is blocked out):

Hi malcolm, You recently changed your security settings so that your Google Account malcolm.warnes@gmail.com is no longer protected by modern security standards.

Please be aware that it is now easier for an attacker to break into your account. You can make your account safer again by undoing this change here, then switching to apps made by Google such as Gmail to access your account.

Please advise Thanks

My thunderbird synchronises just fine with gmail. But recently gmail has been sending me messages advising security issues with thunderbird - per copied message below (if I tighten security settings thunderbird is blocked out): Hi malcolm, You recently changed your security settings so that your Google Account malcolm.warnes@gmail.com is no longer protected by modern security standards. Please be aware that it is now easier for an attacker to break into your account. You can make your account safer again by undoing this change here, then switching to apps made by Google such as Gmail to access your account. Please advise Thanks

All Replies (1)

more options

Two things. Goggle are being very loos with the truth. They got up one day had a brain F!@#t and decided the web technology oAuth2.0 was going to be the holy grail for email. I am still not convinced getting email programmers to fiddle with web technologies is a good idea.I don't get the vet to check my blood preasure.

Thunderbird, because it shares a core with firefox had no real coding hurdles to adopt oAuth2.0, and has supported it for some years now. For Gmail IMAP as Google in their wisdom do not offer oAuth2.0 for POP mail. Go figure that one in terms of the messages they are sending you.

So if you use IMAP mail you can change the authorization method from password to oAuth2.0 and go with the flow. Just remember to checge the authentication method for the SMTP server as well or you will not be able to send mail.

If you are a POP mail user like I am, you are plain out of luck, you leave less secure apps enabled. Personally I do not see what the fuss is about. But I am not a mathematics graduate with a major in cryptography. I am just someone that is happy with tools that just work for me.

Modified by Matt