Mozilla VPN is currently experiencing an outage. Our team is actively working to resolve the issue. Please check the status page for real-time updates. Thank you for your patience.

Trang web này sẽ có chức năng hạn chế trong khi chúng tôi trải qua bảo trì để cải thiện trải nghiệm của bạn. Nếu một bài viết không giải quyết được vấn đề của bạn và bạn muốn đặt câu hỏi, chúng tôi có cộng đồng hỗ trợ của chúng tôi đang chờ để giúp bạn tại @FirefoxSupport trên Twitter và /r/firefox trên Reddit.

Tìm kiếm hỗ trợ

Tránh các lừa đảo về hỗ trợ. Chúng tôi sẽ không bao giờ yêu cầu bạn gọi hoặc nhắn tin đến số điện thoại hoặc chia sẻ thông tin cá nhân. Vui lòng báo cáo hoạt động đáng ngờ bằng cách sử dụng tùy chọn "Báo cáo lạm dụng".

Tìm hiểu thêm

yahoo password did not succeed (Yahoo thinks Thunderbird is "less secure")

  • 4 trả lời
  • 1 gặp vấn đề này
  • 2 lượt xem
  • Trả lời mới nhất được viết bởi cookiePJones

more options

Yahoo mail is blocking access to my account from Thunderbird because it apparently considers Thunderbird a "less secure app".

I just set up Thunderbird for first time, using my Yahoo account, but was never able to connect. Kept getting error "Sending of password ... did not succeed. Mail server pop.mail.yahoo.com responded: Server error. Please try again later."

Then I see an email from Yahoo saying they blocked it:

"Your account is currently not enabled to sign in from apps that do not meet modern security standards (ex. Older versions of mail and calendar apps such as Outlook). As a result, we prevented a sign in to your Yahoo account... ... We strongly recommend that you switch to Yahoo's apps ... and remove your account from all other less secure apps."

It's true, I did set the Yahoo mail option to not allow "apps that use less secure sign in", I suppose I can change it if I really have to - but would prefer if Thunderbird could be set to use more secure login settings - is that possible? I had used the default security settings: Connection security= SSL/TLS, Authentication=Normal Password.

Any suggestions?

Yahoo mail is blocking access to my account from Thunderbird because it apparently considers Thunderbird a "less secure app". I just set up Thunderbird for first time, using my Yahoo account, but was never able to connect. Kept getting error "Sending of password ... did not succeed. Mail server pop.mail.yahoo.com responded: Server error. Please try again later." Then I see an email from Yahoo saying they blocked it: "Your account is currently not enabled to sign in from apps that do not meet modern security standards (ex. Older versions of mail and calendar apps such as Outlook). As a result, we prevented a sign in to your Yahoo account... ... We strongly recommend that you switch to Yahoo's apps ... and remove your account from all other less secure apps." It's true, I did set the Yahoo mail option to not allow "apps that use less secure sign in", I suppose I can change it if I really have to - but would prefer if Thunderbird could be set to use more secure login settings - is that possible? I had used the default security settings: Connection security= SSL/TLS, Authentication=Normal Password. Any suggestions?

Giải pháp được chọn

Thunderbird CAN NOT use the oAuth2.0 authentication until Yahoo ar prepared to issue tokens for mail applications to use. So really we have tried. Yahoo do not appear interested, so I suggest you enable less secure apps or move to Google where oAuth2.0 has been working since Thunderbird 38 because they actually issue the application tokens.

Đọc câu trả lời này trong ngữ cảnh 👍 0

Tất cả các câu trả lời (4)

more options

Giải pháp được chọn

Thunderbird CAN NOT use the oAuth2.0 authentication until Yahoo ar prepared to issue tokens for mail applications to use. So really we have tried. Yahoo do not appear interested, so I suggest you enable less secure apps or move to Google where oAuth2.0 has been working since Thunderbird 38 because they actually issue the application tokens.

more options

Matt said

Thunderbird CAN NOT use the oAuth2.0 authentication until Yahoo ar prepared to issue tokens for mail applications to use. So really we have tried. ...

Oh, so THAT's what they mean ... Okay, thanks Matt.

p.s. Can you suggest any others besides Google who use oAuth2.0? (preferably a good paid service rather than "free")

more options

cookiePJones said

Matt said
Thunderbird CAN NOT use the oAuth2.0 authentication until Yahoo ar prepared to issue tokens for mail applications to use. So really we have tried. ...

Oh, so THAT's what they mean ... Okay, thanks Matt.

p.s. Can you suggest any others besides Google who use oAuth2.0? (preferably a good paid service rather than "free")

I can not offer you anything with regard to paid providers other than they exist. Not because of any policy, simply because I do not know.

oAuth2.0 is not really a mail protocol, it is a web browser protocol. One of the reasons so few email programs support it, is that they have to act essentially as a web browser while the authorization dialogs are displayed. Personally I find that somewhat frightening. It is Ok for Thunderbird, we have the Firefox browser components to draw on, but the security implication of having email people start writing web browsers is truly worrying.

Basically oAuth is technically more secure, but it is also persistent, as someone noticed recently, the authorization persists after you delete the password from Thunderbird. So it is a horses for courses thing. Personally I think a user name and password is about as good, as long as the password falls into the passphrase category. http://www.useapassphrase.com/

But the best protection is a provider that locks your account after a number of incorrect attempts. All the information you will see talks about how long passwords take to crack, but this is based on computers throwing millions of guesses and trying again until they get it right. If you account is locked out after 3 or 4 bad attempts then it will take forever to guess your password another attempt can not be made until you go through the steps to again resume use of our account.

In the end, nothing preserves your data on a server except encryption of that data, so regardless of the connection method used, your data is not secure if the provider is hacked. Which is how Yahoo managed to loose something like a billion user names and passwords.

more options

Really good point.