This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Remove OAuth2 token on exit automatically

  • 4 replies
  • 1 has this problem
  • 5 views
  • Last reply by Louarntan

more options

Hi!

I set up TB so that the Password Manager doesn't save my passwords (so I have to enter them every time I restart Thunderbird).

Recently, Yahoo! migrated towards OAuth2 protocol, which didn't give the same freedom. Once set up, I used the "change OAuth2 to Normal password in settings" method and it worked beautifully... until now. I can't use this method anymore, as TB warns that "Login to server imap.mail.yahoo.com with username blablabla@yahoo.com failed." again and again (I did check the account in my browser to make sure the password was the right one, remove the account from TB and set it up again). I can't access my mailbox (weirdly enough, that's the case for my yahoo.com address and not my yahoo.fr one, though I guess it's only a matter of time).

Is there a way for TB to delete automatically that OAuth2 token on exit, so that I'll still have to enter my password on start every time? Or is there another method to skip that OAuth2 login page and go back to "Normal password"?

There used to be some addons about passwords but they all seem to be obsolete.

I don't want to use a Master password or a app password, if possible.

Thunderbird 78.7.0 (32-bit) Windows 10 v. 2004 Kapersky 21.1.15

Thanks !

Hi! I set up TB so that the Password Manager doesn't save my passwords (so I have to enter them every time I restart Thunderbird). Recently, Yahoo! migrated towards OAuth2 protocol, which didn't give the same freedom. Once set up, I used the "change OAuth2 to Normal password in settings" method and it worked beautifully... until now. I can't use this method anymore, as TB warns that "Login to server imap.mail.yahoo.com with username blablabla@yahoo.com failed." again and again (I did check the account in my browser to make sure the password was the right one, remove the account from TB and set it up again). I can't access my mailbox (weirdly enough, that's the case for my yahoo.com address and not my yahoo.fr one, though I guess it's only a matter of time). Is there a way for TB to delete automatically that OAuth2 token on exit, so that I'll still have to enter my password on start every time? Or is there another method to skip that OAuth2 login page and go back to "Normal password"? There used to be some addons about passwords but they all seem to be obsolete. I don't want to use a Master password or a app password, if possible. Thunderbird 78.7.0 (32-bit) Windows 10 v. 2004 Kapersky 21.1.15 Thanks !

Modified by Louarntan

Chosen solution

There's no other way around it that I know of. You either use OAuth2 with your primary password or an app password. You could try disallowing cookies so that you're required to sign in each time you start a new Tbird session.

Read this answer in context 👍 0

All Replies (4)

more options

Chosen Solution

There's no other way around it that I know of. You either use OAuth2 with your primary password or an app password. You could try disallowing cookies so that you're required to sign in each time you start a new Tbird session.

more options

Disallowing cookies means that you can't log in, they're required for OAuth2 (at least, that's what the page with the login form says). Tried it too.

Thanks all the same!

more options

Below might/should be helpful: • https://stackoverflow.com/a/63255601/3553808 : Access WebMail Email WebSite From TB WebBrowser TB, Configure TB's IMAP/POP,SMTP to use OAuth2, etc, etc. (please upvote my Q+A both, inside the linked page, if its useful/helpful).

for your case, you may look into the OAuth2 & yahoo related sections. then where its says to "Allow" to add server-name inside Cookie-Exception list, there, instead of "Allow", just choose "Allow For Session". then you will prompted to enter password when you start/restart TB each time.

more options

My bad, I didn't get the email for that answer.

It doesn't work, probably because TB changed in the meantime (I think I do remember OAuth2 tokens being in the "cookies" section and they're now in the "Password Manager" section? Maybe? I'm not sure.). If I accept all cookies and keep them until I close TB, or if I refuse them all except the Yahoo! specific ones until I close TB, I'm still automatically authenticated once I reopen TB.

But thank you all the same for trying!