Thunderbird - Yahoo e-mail issues - Older Protocol Issue

[DaveLembke]

Was looking into why I haven't gotten e-mail from my yahoo accounts through Thunderbird and found this info:

My sign-in attempt was prevented

If you receive the Username or password invalid warning and the Sign-in attempt prevented email when you try to connect your Yahoo Mail with Thunderbird, Yahoo has blocked Thunderbird from connecting because it's a "less secure" non-Yahoo app. You should enable an option to allow apps that use less secure sign-in in your Yahoo Account. See this Yahoo support page for instructions.

As found here: https://support.mozilla.org/en-US/kb/thunderbird-and-yahoo

Was wondering if anyone had any suggestions on a Mail Client that might work with Yahoo?

Since looking all around Thunderbird support pages I have found nothing done to fix this issue other than their suggestion of going into your Yahoo E-Mail account preferences and checking a check box to allowing older less secure protocol to make it work.

I liked that Thunderbird gave me access to all my e-mail accounts all from one mail client, as well as mail that was downloaded was also stored for offline viewing when with my laptop away from internet.

Figured I'd check to see if anyone had a solution to this other than to set my e-mail preferences in Yahoo to lesser secure older protocol. Obviously I can still get to my mail through the browser to Yahoo, but I miss having all my e-mail in one spot. If there is a mail client other than Thunderbird that works with newer protocols, I'd be interested in that if not too much money and no other solution out there.

[BC_Programmer]

It's an attempt to force people to use their apps.

Yahoo's E-mail apps effectively work as browsers which communicate with their server via what is known as oAuth2. Mail clients like Thunderbird can use this too, however, one of the caveats of the approach is that each client requires it's own API Token. Yahoo's Apps, unsurprisingly, all have an issued token. Yahoo, however, refuses to issue a token for Mail clients such as Thunderbird- as a result, they cannot connect.

It's not a security consideration since SSL/TLS E-mail connections are perfectly adequate. Yahoo considers them "less secure" for no reason but their own- The only difference would seem to be Yahoo's ability to directly control what software can interface with their mail servers, and encourage people to use their Apps. (Which I'd be surprised if they weren't rife with advertisements!)

As an interesting aside- Google also uses oAuth2, however, unlike Yahoo, they happily issued Thunderbird with an API Token.

Considering Yahoo seems to have a major security incident at least once a year I'm not sure I'd accept their security advice as being from a position of any form of authority. In 2012 they were found to be storing passwords in their database in plain text, they've had frequent security breaches, security problems where they use poor security on things like "remember me cookies" which allowed hackers to log in as anybody and steal data from over a billion accounts... and now they want to get haughty about SSL/TLS somehow not being sufficient for E-mail clients?

[Geek-9pm]

I think I have a similar issue using Thunderbird and Apple i cloud.
So far I have not found an answer. Apple e-mail is perfect on my old iPad, but I can not get it on Windows using Thunderbird. 

[DaveLembke]

Cool... Thanks BC for clearing this up. Gonna go make that adjustment so that my mail will get to Thunderbird.