Closed Bug 91916 Opened 23 years ago Closed 14 years ago

Master password not required to be set when encrypting sensitive information

Categories

(SeaMonkey :: Passwords & Permissions, defect)

Product:
SeaMonkey
Component:
Passwords & Permissions
Platform:
x86
Windows 98
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED INVALID
Milestone:
Future

People

(Reporter: barrowma, Unassigned)

References

Details

From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Win98; en-US; rv:0.9.2) Gecko/20010723
Netscape6/6.1
BuildID:    20010723

If you have no saved usernames/passwords and have not set your master password,
when you select "Tasks > Privacy and Security > Password Manager > Encrypt
Sensitive Information", you are not asked to set the master password.  

Reproducible: Always
Steps to Reproduce:
1. Create a new profile with the profile manager
2. Run the browser with the new profile
3. Select the "Tasks > Privacy and Security > Password Manager > Encrypt
Sensitive Information" menu option

Actual Results:  There is no immediate UI feedback but when you look at the menu
again, you see that the "Encrypt Sensitive Information" is greyed out, and the
"Obscure Sensitive Information" is active (not greyed out).

Expected Results:  The client should have done one of two things:

1. Demand that the Master Password (which is currently not set) be set by the
user.  This is what happens when there are saved username/passwords.

or 

2. Inform the user that there is nothing to encrypt.
We ask for a master password only at the time that we are actually going to do 
an encryption.  So if there is nothing to encrypt, we don't ask for the master 
password yet.  As soon as you store the first value, you will get prompted for 
the master password.

As such, this is not a bug because the product is behaving as designed.  
Therefore I'm futuring this request.
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Target Milestone: --- → Future
I checked "encryption" and it works (I see the difference in the .s file), but I
have never been asked for a master password.
Reassigning to new module owner.
Assignee: morse → dveditz
Status: ASSIGNED → NEW
Product: Browser → Seamonkey
Assignee: dveditz → nobody
See also bug # 286969 - No warning message, when passwords are stored without a master password.

By default, Firefox should prompt for the creation of a Master Password, when a password is saved for the first time.
QA Contact: tpreston
This is INVALID, as encryption with an empty master password is an intended feature (and the default setting now).
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.