Closed
Bug 1211424
Opened 9 years ago
Closed 9 years ago
Master Password can be bypassed
Categories
(Thunderbird :: Untriaged, defect)
Tracking
(Not tracked)
RESOLVED
DUPLICATE
of bug 318697
People
(Reporter: daimas, Unassigned)
Details
User Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:41.0) Gecko/20100101 Firefox/41.0 Build ID: 20150917150946 Steps to reproduce: I consider it a bug if the master password can be bypassed by hitting cancel 5 times. Actual results: Certainly can't send or receive emails, but prying eyes can certainly open filed or saved emails. Expected results: A master password should never be able to cancel out.
Comment 1•9 years ago
|
||
Even without hitting cancel, you can read downloaded emails. They're just stored in plain text on the hard drive. The master password is meant for unlocking your *account-specific* passwords, which are necessary for fetching or sending mail. If you'd like to prevent other people from reading already-downloaded messages, you'll need to use another method, such as using OS-wide password protection, or if you're really paranoid, an encrypted disk.
Comment 2•9 years ago
|
||
same as bug 1060307/bug 318697
Status: UNCONFIRMED → RESOLVED
Closed: 9 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•