On 29/03/2021 08.51, Bob Williams wrote:
On Sun, 28 Mar 2021 21:28:00 +0200 Carlos E.R. wrote:
On 28/03/2021 19.16, Doug McGarrett wrote:
On 3/28/21 6:11 AM, Carlos E. R. wrote:
On 28/03/2021 04.45, Doug McGarrett wrote:
Somehow I have accidentally set Thunderbird to open without a password. It's wonderful! It was a royal pita! Now in case it changes back, or if a zypper dup changes it back, I'd like to know how to do it on purpose. I have no reason to need a password for my email. I have no secrets on it, and no porn. If someone should get in and read it, so what? And there's nobody here to read it but me anyway.
You are wrong. Your email can bu used to steal your identity and then the money in your bank or any other business with an internet presence. Or do harm to others, in your name.
My identity is listed on the outgoing mail every time. My bank information is not included in any mail, or even anywhere on my computer. I actually go to the bank when I need to deposit or cash a check, etc.
That's not the problem. Someone may claim it is you by using your email.
The bank is just an example, it can be any other business unknown to you.
It can be something as simple as sending spam in your name.
And Darryl Gregorash says that the password only protects the p/w used to receive and send mail, not the contents thereof. I am not suggesting that the system logon p/w or the su - p/w should be eliminated, only the email one.
Irrelevant.
Once they have your password to send and receive, they get the contents and they read them (and write them). Then they change the password and you are out.
Interesting. I use Claws-Mail rather than Thunderbird. I do not need a 'master' password in Claws-Mail, although every email account within CM needs its own login password. But that is a set once and forget operation. But from what you're saying, Carlos, I am somehow vulnerable?
If someone ever gains read access to your computer, be it somebody in the house, or that your computer is stolen, or your computer is hacked, they can at least read your files and read the password out from some file, which of course they have to know which file it is and that it not protected. Some programs may cipher the password file somehow, but without a password. For example, the system password that you use to login. Some programs store the password in clear text, the only protection being the file permissions: for example, fetchmail. So the danger is relative. However, the need to protect email is bigger now that it was in the past, because many companies provide some kind of remote access and the email is often the identification factor (that you can send and receive with that address). Banks are also using the smart mobile phone, I hope they would not directly trust an email, but who knows. You could email your bank manager whom you know personally and tell them to prepare the sale of some shares or funds, for example. I would not trust a bank remembering that you told them you never use email, the bad guy can say you (I) broke a leg and can not go to the branch in person :-p -- Cheers / Saludos, Carlos E. R. (from 15.2 x86_64 at Telcontar)