Why does Google call Thunderbird "less secure"?

It's because those clients (currently) don't support OAuth 2.0.

...beginning in the second half of 2014, we'll start gradually increasing the security checks performed when users log in to Google. These additional checks will ensure that only the intended user has access to their account, whether through a browser, device or application. These changes will affect any application that sends a username and/or password to Google.

To better protect your users, we recommend you upgrade all of your applications to OAuth 2.0. If you choose not to do so, your users will be required to take extra steps in order to keep accessing your applications.

...

In summary, if your application currently uses plain passwords to authenticate to Google, we strongly encourage you to minimize user disruption by switching to OAuth 2.0.

Source: "New Security Measures Will Affect Older (non-OAuth 2.0) Applications" - Google Online Security Blog

Starting with Thunderbird 38 OAuth 2.0 is supported, see https://support.mozilla.org/en-US/kb/thunderbird-and-gmail and https://support.mozilla.org/en-US/kb/thunderbird-and-gmail

Note: If you have an existing gmail account in Thunderbird, you have to change the authentication method in you account settings:

For IMAP in GMail Account settings > Server Settings > Authentication method: "OAuth2"

and for SMTP (sending) there is a separate setting, choose Google Mail (smtp.googlemail.com) > Edit Authentication method again to OAuth2.

(Well, you also could remove your GMail account and create a new one.)