Thunderbird: When OAuth2 enabled for one account, all other accounts always prompt for password
I’m using Thunderbird 68.1.2 (32-bit) on Windows 7 Home Premium SP1 (64-bit).
I have 7 email accounts configured in Thunderbird. Until recently, 6 were configured to use POP and 1 was configured to use IMAP. All accounts were configured with authentication method “Normal password”. I don’t save any passwords, so—as expected—each time I opened Thunderbird, it prompted at startup for passwords for all accounts and remembered all passwords for the session. All was well.
A few days ago, I changed one of the POP accounts to IMAP with authentication method “OAuth2”. At that point, I had 5 POP accounts and 1 IMAP account all with authentication method “Normal password”, and 1 IMAP account with authentication method “OAuth2”. With this configuration, Thunderbird would prompt at startup for passwords for the 6 accounts with “Normal password” and not prompt for a password for the 1 account with “OAuth2”. No complaints here.
Here’s the rub: After startup, whenever there was IMAP activity for the IMAP/OAuth2 account, my attempts to get mail for any “Normal password” account would cause Thunderbird to prompt for a password for that account. It was as if IMAP activity on the OAuth2 account made Thunderbird forget the session passwords for the “Normal password” accounts. This seems less than friendly.
Now, when I set the authentication method on the IMAP/OAuth2 account from “OAuth2” to “Normal password”, all works fine: After activity on that IMAP account, Thunderbird no longer prompts for passwords on the other accounts. All is well again.
Just to confirm the issue, I temporarily set that IMAP account back to authentication method “OAuth2” and Thunderbird started to re-prompt for passwords on all other accounts. When I set that IMAP account back to authentication method “Normal password”, the password re-prompting stopped.
I’ve decided that I prefer to be prompted for passwords at startup for all accounts, so setting all accounts to “Normal password” works fine for me. However, I ask the following for the greater good: Has anyone else encountered this issue with “OAuth2”? Is this behavior expected? Is there a setting I could have tweaked to avoid this behavior?
Thanks.
Krejt Përgjigjet (3)
You should have TB 68.2.1 at least because a Google OAuth2 issue was fixed in that version.
https://www.thunderbird.net/en-US/thunderbird/68.2.1/releasenotes/
@sfhowes – Thanks for the suggestion. I upgraded to TB 68.3.1, but alas the problem persists.
Two things that might be relevant: I don't know if Gmail has some issues with IMAP accounts using a mix of OAuth and normal password authentication. With normal password, factors such as access from 'less-secure apps', and two-step verification and app passwords, come into play. Second, when you change the authentication on an account, it's probably a good idea to delete the passwords from Options/Security and re-enter them when TB is restarted, even if they haven't been changed.