Closed
Bug 483387
Opened 15 years ago
Closed 15 years ago
password forgotten on fake authentication error
Categories
(Thunderbird :: Security, defect)
Tracking
(Not tracked)
RESOLVED
DUPLICATE
of bug 121647
People
(Reporter: sysman, Unassigned)
Details
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.5) Gecko/2008120121 Firefox/3.0.5 Build Identifier: 2.0.0.18 If the remote server temporarily denies the login (eg. @gmail.com recently had problems) thunderbird deletes the stored password and asks again. If the user don't remembers the password, he can't login again until returning at home where he may have stored the passwords in a secure place. This is really a very annonying usability issue. The easy fix (to travel with a copy of the passwords in a plain text file) would be a security risk added to the copy already kept by thunderbird itself. Thunderbird correctly prompts for a new password in order to try to "update" it under authentication errors, but should NOT DELETE the last password stored until a new one is reported to work (in order to give the old password a new try, at least when the application is restarted). Reproducible: Always
Comment 1•15 years ago
|
||
Same request as Bug 435306 ? For IMAP case, especially for Gmail IMAP's frequent denial of login case, Bug 423354 exists and was already improved by patch for Bug 422814(trunk only).
Updated•15 years ago
|
Status: UNCONFIRMED → RESOLVED
Closed: 15 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•