PDA

View Full Version : [ubuntu] Should I use "Master Password" for Thunderbird?



nrundy
August 6th, 2011, 09:31 PM
On a single user machine with full disk encryption, is there a security advantage to using Thunderbird's "Master Password"?

Are there vulnerabilities where surfing the web could reveal the password/s for the e-mail accounts that are in Thunderbird if I don't have Master Password enabled? or is Master Password intended more for protecting accounts on a computer with multiple users?

Are there significant security advantages to only using webmail instead of Thunderbird over IMAPS?

nrundy
August 7th, 2011, 05:03 PM
bump

MidSpeck
August 11th, 2011, 03:40 AM
On a single user machine with full disk encryption, is there a security advantage to using Thunderbird's "Master Password"?
This will pretty much cover things just fine if someone were to steal that computer or otherwise have offline access to it.


Are there vulnerabilities where surfing the web could reveal the password/s for the e-mail accounts that are in Thunderbird if I don't have Master Password enabled? or is Master Password intended more for protecting accounts on a computer with multiple users?
If somehow I got a program running on your system, I could potentially go and read your Thunderbird configuration and steal passwords without a Master Password.
So, as long as you don't get infected with something, you'll be fine. If you are worried that it is a possibility, use a Master Password.


Are there significant security advantages to only using webmail instead of Thunderbird over IMAPS?
I use Thunderbird with IMAP and TLS. I suppose if someone had access to your computer, and it were on/logged in. I could read all of your email. But the same could be said about webmail.