Showing results for 
Show  only  | Search instead for 
Did you mean: 
Strollin' around
Status: New idea

In Thunderbird with basic authentication (username/password) you can choose to remember the password or not.

But OAuth2 tokens are automatically saved in Thunderbird. While this is very convenient as long as you have Thunderbird open, I would like to see an option to tell Thunderbird to automatically remove OAuth2 tokens on exit.

I know you can also use app passwords, but that's not what I want. I want to login everytime Thunderbird is opened using OAuth (including MFA), hence the need to remove the tokens on exit.

Thank you for considering this.

Status changed to: New idea
Community Manager
Community Manager

Thanks for submitting an idea to the Mozilla Connect community! Your idea is now open to votes (aka kudos) and comments.

Familiar face

If you remove the token you will be going through the entire oauth authorisation process on every start.  Your provider will have remembered the authorisation,  But Thunderbird will not have.  I really do not see much advantage in forcing yourself to go through multiple pages of authorisations for each start and each account.

However, you can use a batch file to simply delete all the stored passwords files on exit each time to try out how much fun it is.  Delete if they exist logins.json, key3.db, key4.db and  signons.sqlite  Some of those files are obsolete but may well still be present.

Strollin' around

For security ofcourse.

If you can login somewhere, you should also be able to logout. As Thunderbird does not have a logout option, removing the token is the next best thing.

And of course I can write a script for that, but I shouldn't have to. For basic authentication, Thunderbird does not remember my login credentials and does not log me in automatically. I want the same for OAuth authentication.

And I don't mind authenticating every time. That is exactly what I want. It's a small price to pay for added security.