"Login to server imap.mail.yahoo.com failed." if "Allow apps that use less secure sign in" is not enabled

RESOLVED INVALID

Status

--
major
RESOLVED INVALID
2 years ago
2 years ago

People

(Reporter: Nick_Levinson, Unassigned)

Tracking

45 Branch
Unspecified
All

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

2 years ago
Yahoo considers Thunderbird as a less-secure app for logging into Yahoo for email. Yahoo doesn't give details but it refused to let me log into Yahoo that way unless I gave permission to Yahoo for a less-secure login, which is temporary, apparently not limited to the current session but how long is unstated. This was on Sep. 17, 2016, using Thunderbird version 45.3.0 on openSuse 13.2 Linux, which I keep evergreen. With 45.4.0 today, login via Thunderbird still fails.

Comment 1

2 years ago
I believe this is covered in bug 1293958
Status: UNCONFIRMED → RESOLVED
Last Resolved: 2 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 1293958

Comment 2

2 years ago
I never had my yahoo account in thunderbird, so I don't know what it was like months or years ago. But I tried it - let autoconfig do its thing - and I get "Login to server imap.mail.yahoo.com failed." unless I enable "Allow apps that use less secure sign in" on the yahoo security page. 

https://help.yahoo.com/kb/account/SLN27791.html?impressions=true describes the setting. But this is not Thunderbird's fault or doing - it's Yahoo's requirement, similar to gmail choices. So not a Thunderbird bug.

The better security choice is of course oauth which requires  bug 1293958. ref: https://help.yahoo.com/kb/SLN5013.html

Simon also recently reported this in bug 1304646
Depends on: 1293958
OS: Linux → All
Resolution: DUPLICATE → INVALID
Summary: security too low for Yahoo login unless I exempt → "Login to server imap.mail.yahoo.com failed." if "Allow apps that use less secure sign in" is not enabled

Comment 3

2 years ago
Another alternative is to enable 2fa (two factor) in yahoo, and get an app password (ala gmail)
You need to log in before you can comment on or make changes to this bug.