If you’ve recently discovered that your Outlook account is no longer functioning with Thunderbird, you’re not alone.
This issue stems from significant changes made by Microsoft, which have left many users of third-party email apps like Thunderbird scrambling for solutions.
In this article, I’ll break down what’s going on, why your Outlook account no longer works with Thunderbird, and how you can get everything back on track.
What’s Happened?
The problem boils down to Microsoft’s decision to disable Basic Authentication for Outlook and Hotmail accounts in favour of Modern Authentication. This change, fully implemented on 16 September 2024, was part of Microsoft's security strategy to make accounts safer by enforcing the use of OAuth 2.0 (Neowin).
OAuth 2.0 is a more secure authentication method that doesn’t require sharing your username and password with third-party email clients like Thunderbird. Instead, it uses tokens, which provide a much safer and more flexible means of access.
Microsoft has been notifying users about this change throughout 2024, warning that any email or calendar app that doesn’t support OAuth 2.0 will no longer be able to access Outlook accounts (Neowin).
For those who’ve been relying on Thunderbird, which until recently used Basic Authentication, this shift has caused disruption.
Why Did Microsoft Make This Change?
Basic Authentication (in which a client app directly sends a username and password to the server) has long been a security risk. It’s highly vulnerable to phishing attacks, credential stuffing, and other forms of hacking. With more users storing sensitive data in their emails, this older authentication method was no longer deemed adequate by Microsoft.
The solution? Moving to Modern Authentication, specifically OAuth 2.0. By using OAuth 2.0, third-party apps like Thunderbird don’t have to store or transmit your password. Instead, the app requests a token from Microsoft, which is then used to grant access to your account. If a token is compromised, it can be revoked without affecting your password or other aspects of your account (Mozilla Connect) (Neowin).
How to Fix the Issue
The good news is that Thunderbird has supported OAuth 2.0 for a while now, so fixing the issue isn’t too complicated. Follow these steps to get Thunderbird working with your Outlook account again.
1. Update Thunderbird
First things first: make sure your version of Thunderbird is up to date!
OAuth 2.0 support was introduced in Thunderbird quite some time ago, but you’ll need to be on a recent version—preferably Thunderbird 102 or higher—to take full advantage of it.
To check your version:
- Go to Help > About Thunderbird.
- If an update is available, Thunderbird will prompt you to install it.
2. Configure OAuth 2.0 in Thunderbird
Once you’re sure you’re running the latest version, you’ll need to configure your Outlook account in Thunderbird to use OAuth 2.0.
- Open Thunderbird and go to Account Settings.
- Select your Outlook account from the left-hand menu.
- In the Server Settings section, look for the Authentication method dropdown.
- Change the authentication method to OAuth2.
Once this is set, Thunderbird will automatically trigger an OAuth login flow the next time it tries to access your Outlook account. You’ll be asked to log in to your Microsoft account and grant Thunderbird permission to access it (Mozilla Support) (Mozilla Connect).
3. Fixing Issues with Sending Emails
If you’re able to receive emails but encounter issues when trying to send them, it’s likely that the SMTP server settings also need to be updated to use OAuth 2.0.
To do this:
- Go to Account Settings > Outgoing Server (SMTP).
- Select your Outlook account’s SMTP server and click Edit.
- Change the Authentication method to OAuth2, and save your changes.
With these changes in place, you should be able to send emails without further issues (Mozilla Connect).
4. Enable Two-Factor Authentication (Optional)
For those looking to enhance security, you may also want to enable Two-Factor Authentication (2FA) on your Microsoft account. This adds another layer of security, requiring you to confirm your identity using a second device (like a smartphone) whenever you log in.
To enable 2FA:
- Log in to your Microsoft account and go to Security settings.
- Enable Two-step verification, and follow the prompts to set it up.
Note that Thunderbird does not require 2FA to connect to Outlook via OAuth 2.0, but it’s a good option for those who are particularly security-conscious (Mozilla Support).
Troubleshooting Common Issues
If you’ve followed the steps above but are still experiencing issues, here are a few things to check:
Clear OAuth Tokens: Sometimes, old tokens can cause problems. To resolve this, you can go into Thunderbird’s preferences, search for OAuth, and clear any stored tokens for your Microsoft account.
Firewall or Security Software: Ensure that your firewall or antivirus software isn’t blocking Thunderbird’s connection to Microsoft servers. You may need to add Thunderbird to your firewall’s list of approved apps.
Create a New Thunderbird Profile: If all else fails, consider creating a new profile in Thunderbird. Sometimes older profiles have settings that conflict with OAuth 2.0. You can start Thunderbird in Profile Manager mode (
thunderbird.exe -p
on Windows) and create a new profile for your Outlook account (Mozilla Connect) (Neowin).
Alternative Email Clients
If you continue to experience issues or prefer a more seamless experience, you could consider using Microsoft Outlook itself, or other email clients that natively support OAuth 2.0. Many users find that Outlook or even Apple Mail offers better integration with Microsoft services, especially for calendar and contact sync (Neowin).
Microsoft’s move to OAuth 2.0 may have caused a temporary disruption for Thunderbird users, but it’s ultimately a positive step towards better security.
Basic Authentication has been a longstanding weak point in email security, and by transitioning to token-based authentication, Microsoft is ensuring that your personal information stays safe.