It was not me typing the wrong password, or wrong domain, resource, port, server or whatever.
I only had to generate a password for Pidgin app on facebook.
Some pictures will make it more clear:
|Go to Account Settings.|
|The Security Settings page.|
|The tooltip if you mouse-over Learn more. Now click Generate app passwords.|
|I didn't make any test, but I think this should be the same one you put as Resource in Pidgin's settings.|
|Copy the password and Paste it into your Pidgin password's field. Probably you also want to save it because there's no way to read the password again.|
Now I don't get that firstname.lastname@example.org/Pidgin disabled not authorized error anymore. :)