Message-ID:

That wouldn't be good enough. -- Larry Wall in <199710131621.JAA14907@wall.org>

computers / alt.comp.software.thunderbird / Re: OAuth2

OAuth2

<uoqu61$1pr8v$1@dont-email.me>

https://www.rocksolidbbs.com/computers/article-flat.php?id=2671&group=alt.comp.software.thunderbird#2671

copy link Newsgroups: alt.comp.software.thunderbird

Path: i2pn2.org!i2pn.org!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: ed@somewhere.in.the.uk (Ed Cryer)
Newsgroups: alt.comp.software.thunderbird
Subject: OAuth2
Date: Wed, 24 Jan 2024 12:00:41 +0000
Organization: A noiseless patient Spider
Lines: 6
Message-ID: <uoqu61$1pr8v$1@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Wed, 24 Jan 2024 12:01:05 -0000 (UTC)
Injection-Info: dont-email.me; posting-host="654d552268e545af38d97a2b4758baab";
logging-data="1895711"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18kn5poAqrOTm5qBuBRkWRl"
User-Agent: Betterbird (Windows)
Cancel-Lock: sha1:+q7m84NUZdSPwxTynvEbanYQJB4=
Content-Language: en-US

by: Ed Cryer - Wed, 24 Jan 2024 12:00 UTC

Re: OAuth2

<l1cd83Fdn6kU1@mid.individual.net>

copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=2672&group=alt.comp.software.thunderbird#2672

copy link Newsgroups: alt.comp.software.thunderbird

Path: i2pn2.org!i2pn.org!usenet.goja.nl.eu.org!weretis.net!feeder8.news.weretis.net!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: usenet@andyburns.uk (Andy Burns)
Newsgroups: alt.comp.software.thunderbird
Subject: Re: OAuth2
Date: Wed, 24 Jan 2024 12:13:56 +0000
Lines: 18
Message-ID: <l1cd83Fdn6kU1@mid.individual.net>
References: <uoqu61$1pr8v$1@dont-email.me>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Trace: individual.net zNeLKMfYmqjkVxoGvfwKGgiHtQgyZEbcSIuZ6SfFEqZQaBjJBO
Cancel-Lock: sha1:a2PL+FMOeK+0iyCpPTt9/6fjLKQ= sha256:X6BdXoLKFGVY3Y/Q2d81DUY4dFXAuYn/+tgBB49VTFQ=
User-Agent: Mozilla Thunderbird
Content-Language: en-GB
In-Reply-To: <uoqu61$1pr8v$1@dont-email.me>

by: Andy Burns - Wed, 24 Jan 2024 12:13 UTC

Ed Cryer wrote:

> I see that both Tbird and Bbird have switched from "Normal password" to
> "OAuth2" authentication.
> I'm wondering why just now, how will this affect things other than
> B/Tbird, is it a change that will stay.

When you say "switched", TB has supported oAuth2 since before gmail
started requiring* it.

I don't think oAuth2 is TB's default, what makes you think anything has
changed recently?

[*] OK not exactly required, but certainly easiest.

Re: OAuth2

<uor90i$1rv6e$1@paganini.bofh.team>

copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=2673&group=alt.comp.software.thunderbird#2673

copy link Newsgroups: alt.comp.software.thunderbird

Path: i2pn2.org!rocksolid2!news.neodome.net!weretis.net!feeder8.news.weretis.net!paganini.bofh.team!not-for-mail
From: nospam@unokix.invalid (AllanH)
Newsgroups: alt.comp.software.thunderbird
Subject: Re: OAuth2
Date: Wed, 24 Jan 2024 09:05:55 -0600
Organization: To protect and to server
Message-ID: <uor90i$1rv6e$1@paganini.bofh.team>
References: <uoqu61$1pr8v$1@dont-email.me>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Wed, 24 Jan 2024 15:05:54 -0000 (UTC)
Injection-Info: paganini.bofh.team; logging-data="1965262"; posting-host="Fz6STYoiXzGSVpdGThUqZg.user.paganini.bofh.team"; mail-complaints-to="usenet@bofh.team"; posting-account="9dIQLXBM7WM9KzA+yjdR4A";
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:115.0) Gecko/20100101
Betterbird/115.7.0
Cancel-Lock: sha256:nwh0b/ogMeXZA29w0e46zuB2GTv9Uzwliugv+M6p9SU=
X-Notice: Filtered by postfilter v. 0.9.3
Content-Language: en-US

by: AllanH - Wed, 24 Jan 2024 15:05 UTC

On 1/24/2024 6:00 AM, Ed Cryer wrote:
> I see that both Tbird and Bbird have switched from "Normal password" to
> "OAuth2" authentication.
> I'm wondering why just now, how will this affect things other than
> B/Tbird, is it a change that will stay.
>
> Ed

For my mail account, authentication is still "Normal password" for the
POP Mail Server and the Outgoing Server (SMTP).

Re: OAuth2

<uor8vd$1rlvq$1@dont-email.me>

copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=2674&group=alt.comp.software.thunderbird#2674

copy link Newsgroups: alt.comp.software.thunderbird

Path: i2pn2.org!rocksolid2!news.neodome.net!news.mixmin.net!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: worldoff9908@gmail.com (NFN Smith)
Newsgroups: alt.comp.software.thunderbird
Subject: Re: OAuth2
Date: Wed, 24 Jan 2024 08:05:15 -0700
Organization: A noiseless patient Spider
Lines: 26
Message-ID: <uor8vd$1rlvq$1@dont-email.me>
References: <uoqu61$1pr8v$1@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Wed, 24 Jan 2024 15:05:17 -0000 (UTC)
Injection-Info: dont-email.me; posting-host="1b79b113015a1781c391a09a25a61e6b";
logging-data="1955834"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18mo6dBOx3ruyiZ0d9DaKYU883Ky0U9G68="
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101
Firefox/91.0 SeaMonkey/2.53.18.1
Cancel-Lock: sha1:muhdPKJGQsEtCbjElPJ+Wmvn39Q=
In-Reply-To: <uoqu61$1pr8v$1@dont-email.me>

by: NFN Smith - Wed, 24 Jan 2024 15:05 UTC

Ed Cryer wrote:
> I see that both Tbird and Bbird have switched from "Normal password" to
> "OAuth2" authentication.
> I'm wondering why just now, how will this affect things other than
> B/Tbird, is it a change that will stay.
>
> Ed

That's not a requirement coming from Thunderbird or Betterbird, but from
your Mail Service Provider. Thunderbird has supported OAuth2 for years.

I know that Gmail uses OAuth2, and Microsoft has strong preference for
it, although I don't know if consumer-grade Outlook requires it. With
corporate-grade setups, my impression is that mail admins can choose to
require or not.

OTOH, there are other implementations of some form of Multi-Factor
Authentication, typically an application password. I know that Yahoo
does this, where the defined user password is used for web-based access,
but where you have to get a separate password for use with IMAP/POP/SMTP.

If your provider is now requiring OAuth2, consider that to be a
permanent thing, and will apply to any client you decide to use.

Smith

Re: OAuth2

<uorkpo$1tilo$1@dont-email.me>

copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=2678&group=alt.comp.software.thunderbird#2678

copy link Newsgroups: alt.comp.software.thunderbird

Path: i2pn2.org!i2pn.org!newsfeed.endofthelinebbs.com!news.hispagatos.org!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: chriechers@netscape.net.invalid (Christian Riechers)
Newsgroups: alt.comp.software.thunderbird
Subject: Re: OAuth2
Date: Wed, 24 Jan 2024 19:27:04 +0100
Organization: A noiseless patient Spider
Lines: 28
Message-ID: <uorkpo$1tilo$1@dont-email.me>
References: <uoqu61$1pr8v$1@dont-email.me> <uor8vd$1rlvq$1@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Wed, 24 Jan 2024 18:27:04 -0000 (UTC)
Injection-Info: dont-email.me; posting-host="89994fcd7a49a542288a094f48648846";
logging-data="2017976"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/29WodMgDDw7bRaxaCIKlj"
User-Agent: Betterbird (Linux)
Cancel-Lock: sha1:kAWJaIITjfuZcf4QnMQ0nTBXJm0=
Content-Language: en-US, de-DE
In-Reply-To: <uor8vd$1rlvq$1@dont-email.me>

by: Christian Riechers - Wed, 24 Jan 2024 18:27 UTC

On 1/24/24 16:05, NFN Smith wrote:
> Ed Cryer wrote:
>> I see that both Tbird and Bbird have switched from "Normal password"
>> to "OAuth2" authentication.
>> I'm wondering why just now, how will this affect things other than
>> B/Tbird, is it a change that will stay.

<snip>

> I know that Gmail uses OAuth2, and Microsoft has strong preference for
> it, although I don't know if consumer-grade Outlook requires it. With
> corporate-grade setups, my impression is that mail admins can choose to
> require or not.
>
> OTOH, there are other implementations of some form of Multi-Factor
> Authentication, typically an application password.
OAuth2 authentication has got nothing to do with 2-step authentication.
These are entirely different things.

> I know that Yahoo
> does this, where the defined user password is used for web-based access,
> but where you have to get a separate password for use with IMAP/POP/SMTP.

Yahoo used to use app passwords. But they also do support OAuth2
authentication for quite a while now. With that no app passwords are
needed anymore. With OAuth2 the main account password must be used.

Re: OAuth2

<uorm9d$1tsrs$2@dont-email.me>

copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=2679&group=alt.comp.software.thunderbird#2679

copy link Newsgroups: alt.comp.software.thunderbird

Path: i2pn2.org!i2pn.org!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: alan@invalid.com (Big Al)
Newsgroups: alt.comp.software.thunderbird
Subject: Re: OAuth2
Date: Wed, 24 Jan 2024 13:52:29 -0500
Organization: A noiseless patient Spider
Lines: 8
Message-ID: <uorm9d$1tsrs$2@dont-email.me>
References: <uoqu61$1pr8v$1@dont-email.me> <uor8vd$1rlvq$1@dont-email.me>
<uorkpo$1tilo$1@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Wed, 24 Jan 2024 18:52:29 -0000 (UTC)
Injection-Info: dont-email.me; posting-host="3dba090510a7727fd2b291cc3c3556e2";
logging-data="2028412"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+0T5mPxK0IX2nIF6wxuDSIoFTjdqzMgx8="
User-Agent: Mozilla Thunderbird
Cancel-Lock: sha1:ecRm+Can1CbNNrMKMY5k0Qf7tHo=
In-Reply-To: <uorkpo$1tilo$1@dont-email.me>
Content-Language: en-US

by: Big Al - Wed, 24 Jan 2024 18:52 UTC

Re: OAuth2

<uormk7$1trv4$1@dont-email.me>

copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=2680&group=alt.comp.software.thunderbird#2680

copy link Newsgroups: alt.comp.software.thunderbird

Path: i2pn2.org!i2pn.org!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: chriechers@netscape.net.invalid (Christian Riechers)
Newsgroups: alt.comp.software.thunderbird
Subject: Re: OAuth2
Date: Wed, 24 Jan 2024 19:58:15 +0100
Organization: A noiseless patient Spider
Lines: 9
Message-ID: <uormk7$1trv4$1@dont-email.me>
References: <uoqu61$1pr8v$1@dont-email.me> <uor8vd$1rlvq$1@dont-email.me>
<uorkpo$1tilo$1@dont-email.me> <uorm9d$1tsrs$2@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Wed, 24 Jan 2024 18:58:15 -0000 (UTC)
Injection-Info: dont-email.me; posting-host="89994fcd7a49a542288a094f48648846";
logging-data="2027492"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/LSNziMbIWpa+PH1QU8POx"
User-Agent: Betterbird (Linux)
Cancel-Lock: sha1:jIWDXSGU7Jqb+6nrTtZuyzNTLS4=
Content-Language: en-US, de-DE
In-Reply-To: <uorm9d$1tsrs$2@dont-email.me>

by: Christian Riechers - Wed, 24 Jan 2024 18:58 UTC

On 1/24/24 19:52, Big Al wrote:
> On 1/24/24 01:27 PM, Christian Riechers wrote:
>> With OAuth2 the main account password must be used.
> Once to set up. Then the setup alters TB and puts in the scrambled
> password. You can see it in settings, but don't change it.

TB doesn't alter anything. With OAuth2 authentication TB remembers an
OAuth2 authentication token, not the account password. The token expires
after some time, and you'll then be prompted again for your credentials.

Re: OAuth2

<uornk2$1u5rf$1@dont-email.me>

copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=2681&group=alt.comp.software.thunderbird#2681

copy link Newsgroups: alt.comp.software.thunderbird

Path: i2pn2.org!i2pn.org!news.neodome.net!news.mixmin.net!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: ed@somewhere.in.the.uk (Ed Cryer)
Newsgroups: alt.comp.software.thunderbird
Subject: Re: OAuth2
Date: Wed, 24 Jan 2024 19:14:42 +0000
Organization: A noiseless patient Spider
Lines: 31
Message-ID: <uornk2$1u5rf$1@dont-email.me>
References: <uoqu61$1pr8v$1@dont-email.me> <l1cd83Fdn6kU1@mid.individual.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Wed, 24 Jan 2024 19:15:14 -0000 (UTC)
Injection-Info: dont-email.me; posting-host="654d552268e545af38d97a2b4758baab";
logging-data="2037615"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX19yXir1Es7pI2KhUDtb5gEj"
User-Agent: Betterbird (Windows)
Cancel-Lock: sha1:4950+Y4JvKSvDNp018yLv13QcV8=
In-Reply-To: <l1cd83Fdn6kU1@mid.individual.net>
Content-Language: en-US

by: Ed Cryer - Wed, 24 Jan 2024 19:14 UTC

Andy Burns wrote:
> Ed Cryer wrote:
>
>> I see that both Tbird and Bbird have switched from "Normal password"
>> to "OAuth2" authentication.
>> I'm wondering why just now, how will this affect things other than
>> B/Tbird, is it a change that will stay.
>
> When you say "switched", TB has supported oAuth2 since before gmail
> started requiring* it.
>
> I don't think oAuth2 is TB's default, what makes you think anything has
> changed recently?
>
>
>
>
> [*] OK not exactly required, but certainly easiest.
>

A couple of days ago I started getting the "enter password" dialogue in
Bbird for my old hotmail account. I'd made no changes recently.

Looking at Settings I saw that there'd been a move from "Normal
password" to "OAuth2". I certainly didn't do that.

Shortly thereafter I saw that Bbird had an update in the pipeline.

Re: OAuth2

<uorpkk$1ufu7$1@dont-email.me>

copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=2682&group=alt.comp.software.thunderbird#2682

copy link Newsgroups: alt.comp.software.thunderbird

Path: i2pn2.org!i2pn.org!news.1d4.us!usenet.goja.nl.eu.org!weretis.net!feeder8.news.weretis.net!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: worldoff9908@gmail.com (NFN Smith)
Newsgroups: alt.comp.software.thunderbird
Subject: Re: OAuth2
Date: Wed, 24 Jan 2024 12:49:38 -0700
Organization: A noiseless patient Spider
Lines: 28
Message-ID: <uorpkk$1ufu7$1@dont-email.me>
References: <uoqu61$1pr8v$1@dont-email.me> <uor8vd$1rlvq$1@dont-email.me>
<uorkpo$1tilo$1@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Wed, 24 Jan 2024 19:49:40 -0000 (UTC)
Injection-Info: dont-email.me; posting-host="1b79b113015a1781c391a09a25a61e6b";
logging-data="2047943"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+s3ep49awXVCjRiqBOnTcdGKCxmlhZVEg="
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101
Firefox/91.0 SeaMonkey/2.53.18.1
Cancel-Lock: sha1:3uvOZVqi6c9aF92YFMx8mH3OMSw=
In-Reply-To: <uorkpo$1tilo$1@dont-email.me>

by: NFN Smith - Wed, 24 Jan 2024 19:49 UTC

Christian Riechers wrote:
> On 1/24/24 16:05, NFN Smith wrote:

>
>> I know that Yahoo does this, where the defined user password is used
>> for web-based access, but where you have to get a separate password
>> for use with IMAP/POP/SMTP.
>
> Yahoo used to use app passwords. But they also do support OAuth2
> authentication for quite a while now. With that no app passwords are
> needed anymore. With OAuth2 the main account password must be used.

It's been several years since I last looked at my Yahoo configs. I'm
not surprised that they're supporting OAuth2, although they're not (yet)
forcing use, and I've had no problem with creating a Yahoo IMAP
connection on an alternate setup, using the app password.

I've done enough with Microsoft-based stuff that requires OAuth2, that
I'm comfortable with it, and once I got used to the extra pop-up that is
used to create the extra authentication token, I think it's easier than
the app password. My primary mail provider still uses the app password
approach.

Smith

Re: OAuth2

<uorpn8$1u8nt$4@dont-email.me>

copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=2683&group=alt.comp.software.thunderbird#2683

copy link Newsgroups: alt.comp.software.thunderbird

Path: i2pn2.org!i2pn.org!news.1d4.us!usenet.blueworldhosting.com!diablo1.usenet.blueworldhosting.com!1.us.feeder.erje.net!feeder.erje.net!news2.arglkargh.de!news.mixmin.net!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: alan@invalid.com (Big Al)
Newsgroups: alt.comp.software.thunderbird
Subject: Re: OAuth2
Date: Wed, 24 Jan 2024 14:51:04 -0500
Organization: A noiseless patient Spider
Lines: 16
Message-ID: <uorpn8$1u8nt$4@dont-email.me>
References: <uoqu61$1pr8v$1@dont-email.me> <uor8vd$1rlvq$1@dont-email.me>
<uorkpo$1tilo$1@dont-email.me> <uorm9d$1tsrs$2@dont-email.me>
<uormk7$1trv4$1@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Wed, 24 Jan 2024 19:51:05 -0000 (UTC)
Injection-Info: dont-email.me; posting-host="69f1878c2f5584c0a80c5f8d4b69dc2d";
logging-data="2040573"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/3ZHBcCzP+HmVR1w/dVTTXUX1FXETZA3k="
User-Agent: Mozilla Thunderbird
Cancel-Lock: sha1:bSU6Z6yyOPsUdGjg+IGdH5QvZ14=
Content-Language: en-US
In-Reply-To: <uormk7$1trv4$1@dont-email.me>

by: Big Al - Wed, 24 Jan 2024 19:51 UTC

On 1/24/24 01:58 PM, Christian Riechers wrote:
> On 1/24/24 19:52, Big Al wrote:
>> On 1/24/24 01:27 PM, Christian Riechers wrote:
>>> With OAuth2 the main account password must be used.
>> Once to set up. Then the setup alters TB and puts in the scrambled
>> password. You can see it in settings, but don't change it.
>
> TB doesn't alter anything. With OAuth2 authentication TB remembers an
> OAuth2 authentication token, not the account password. The token expires
> after some time, and you'll then be prompted again for your credentials.
You're right. By alter, I was implying that the real password was
replace as you say with the OAuth2 password.
--
Linux Mint 21.2 Cinnamon
Al

Re: OAuth2

<l1dnttFn9deU1@mid.individual.net>

copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=2684&group=alt.comp.software.thunderbird#2684

copy link Newsgroups: alt.comp.software.thunderbird

Path: i2pn2.org!rocksolid2!news.neodome.net!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: void-invalid-dead-dontuse@email.invalid (Brian Gregory)
Newsgroups: alt.comp.software.thunderbird
Subject: Re: OAuth2
Date: Thu, 25 Jan 2024 00:22:21 +0000
Organization: https://www.Brian-Gregory.me.uk/
Lines: 14
Message-ID: <l1dnttFn9deU1@mid.individual.net>
References: <uoqu61$1pr8v$1@dont-email.me> <l1cd83Fdn6kU1@mid.individual.net>
<uornk2$1u5rf$1@dont-email.me>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Trace: individual.net Vn4OGT0H+v2bPnw6mBhjJQVFrIR/4oA0cg9DxAxh7BqNrLJgHa
Cancel-Lock: sha1:c8VzW0dKgnrBEkK7szhCrOI9QbY= sha256:7J7BWaXSCnlHRD2dTNMS2TvKw2g/KF0eE26HBzwX68s=
User-Agent: Mozilla Thunderbird
Content-Language: en-GB
In-Reply-To: <uornk2$1u5rf$1@dont-email.me>

by: Brian Gregory - Thu, 25 Jan 2024 00:22 UTC

On 24/01/2024 19:14, Ed Cryer wrote:
> A couple of days ago I started getting the "enter password" dialogue in
> Bbird for my old hotmail account. I'd made no changes recently.
>
> Looking at Settings I saw that there'd been a move from "Normal
> password" to "OAuth2". I certainly didn't do that.
>
> Shortly thereafter I saw that Bbird had an update in the pipeline.

I think Microsoft now require Oauth2 for applications to access hotmail.

--
Brian Gregory (in England).

Re: OAuth2

<up32qt$3dfd4$1@dont-email.me>

copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=2685&group=alt.comp.software.thunderbird#2685

copy link Newsgroups: alt.comp.software.thunderbird

Path: i2pn2.org!i2pn.org!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: vseerror@fastmail.com (Wayne)
Newsgroups: alt.comp.software.thunderbird
Subject: Re: OAuth2
Date: Sat, 27 Jan 2024 09:09:30 -0500
Organization: A noiseless patient Spider
Lines: 6
Message-ID: <up32qt$3dfd4$1@dont-email.me>
References: <uoqu61$1pr8v$1@dont-email.me> <l1cd83Fdn6kU1@mid.individual.net>
<uornk2$1u5rf$1@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Sat, 27 Jan 2024 14:09:33 -0000 (UTC)
Injection-Info: dont-email.me; posting-host="77d4bb186fb878c28505433be735a64d";
logging-data="3587492"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/DHWWESNqxzFKKJBA6xeRP"
User-Agent: Thunderbird Daily
Cancel-Lock: sha1:CJ+3PFL72/9ABjjvYTsFcddv+I4=
Content-Language: en-US
In-Reply-To: <uornk2$1u5rf$1@dont-email.me>

by: Wayne - Sat, 27 Jan 2024 14:09 UTC

On 1/24/24 2:14 PM, Ed Cryer wrote:
> Looking at Settings I saw that there'd been a move from "Normal
> password" to "OAuth2". I certainly didn't do that.

Thunderbird may automatically update accounts to oauth *if* the mail
provider supports it.

Re: OAuth2

<up3jc0$3g93m$2@dont-email.me>

copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=2686&group=alt.comp.software.thunderbird#2686

copy link Newsgroups: alt.comp.software.thunderbird

Path: i2pn2.org!i2pn.org!paganini.bofh.team!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: ed@somewhere.in.the.uk (Ed Cryer)
Newsgroups: alt.comp.software.thunderbird
Subject: Re: OAuth2
Date: Sat, 27 Jan 2024 18:51:25 +0000
Organization: A noiseless patient Spider
Lines: 12
Message-ID: <up3jc0$3g93m$2@dont-email.me>
References: <uoqu61$1pr8v$1@dont-email.me> <l1cd83Fdn6kU1@mid.individual.net>
<uornk2$1u5rf$1@dont-email.me> <up32qt$3dfd4$1@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Sat, 27 Jan 2024 18:51:44 -0000 (UTC)
Injection-Info: dont-email.me; posting-host="a8f52e4f2655f7fdbe83bbebcdb714d7";
logging-data="3679350"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/gsd12APmFH4p88GCYRTii"
User-Agent: Betterbird (Windows)
Cancel-Lock: sha1:fK3twuMB6Pcin1Y/zWL4HThyLN8=
In-Reply-To: <up32qt$3dfd4$1@dont-email.me>
Content-Language: en-US

by: Ed Cryer - Sat, 27 Jan 2024 18:51 UTC

Wayne wrote:
> On 1/24/24 2:14 PM, Ed Cryer wrote:
>> Looking at Settings I saw that there'd been a move from "Normal
>> password" to "OAuth2". I certainly didn't do that.
>
> Thunderbird may automatically update accounts to oauth *if* the mail
> provider supports it.

OK, but I wish they'd let me know beforehand.
I sussed it quite quickly, but I suspect there are others who didn't.

Subject	Author
OAuth2	Ed Cryer
Re: OAuth2	Andy Burns
Re: OAuth2	Ed Cryer
Re: OAuth2	Brian Gregory
Re: OAuth2	Wayne
Re: OAuth2	Ed Cryer
Re: OAuth2	AllanH
Re: OAuth2	NFN Smith
Re: OAuth2	Christian Riechers
Re: OAuth2	Big Al
Re: OAuth2	Christian Riechers
Re: OAuth2	Big Al
Re: OAuth2	NFN Smith