What Yahoo calls “less secure” is just the good old fashioned “password based” login – where a mail app sends your password to Yahoo’s servers, over an encrypted network connection.
This is how it’s worked for years and years, with pretty much all mail providers.
Now, the new tech, called OAUTH2, is more secure (it doesn’t need to send the passwords to the mail servers at all), but it doesn’t mean that passwords are suddently not secure.
And this is the cherry on top:
Even though Yahoo started enforcing OAUTH2 –
– they still have not provided a way to make mail apps support their requirements.
There are numerous messages on their developer support forums, even from someone at Samsung it seems – and no response whatsoever.
And therefore, for now, the only way to use Yahoo mail with any third party app, is to re-enable “access from less secure apps”.
( the only exceptions seem to be the Gmail app and the Outlook app, well, they probably knew who to call )
Please follow this support article, the relevant link is near the end:
PS: AquaMail already supports OAUTH2 for GMail, Hotmail and Yandex.
These companies have provided the relevant technical info on making it work. Yahoo, however, does not seem capable or willing.