Yahoo considers any third-party applications that use password-based authentication to be "less secure" and blocks access to them by default. Since Mailspring still connects Yahoo accounts with a password, you'll need to enable access in your Yahoo settings before connecting to Mailspring.
How do I enable Yahoo access for Mailspring?
- Go to https://login.yahoo.com/account/security#other-apps and enable "Allow apps that use less secure sign in" and enable the option
Or, if you are logged into Yahoo already,
- Clear the gear settings icon and choose "Account Info"
- Click on "Account Security"
- Scroll to "Allow apps that use less secure sign in" and enable it
- Log into Mailspring
Should I be concerned about doing this?
Yes and no—If you've chosen a strong password for your Yahoo account, signing in using your password is safe, especially since Mailspring uses SSL when connecting to Yahoo. Yahoo is moving to an OAuth security model so that third party apps can be disabled individually (without you needing to change your Yahoo password.) Mailspring does not send your Yahoo password, or any other mail passwords, to the cloud without your explicit permission and stores it securely in your system keyring / keychain, so your password is safe when you enter it into Mailspring.