Mozilla will shut down Pocket’s services on July 8, 2025. At that time users will no longer be able to access the Pocket website, apps and API. You can export your saved items and API data until October 8, 2025 before they are permanently removed. For more information, see this article.

Avatar for Username

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

This thread was archived. Please ask a new question if you need help.

How secure are stored passwords? If someone had access to my Thunderbird folders, how hard would it be for them to crack my password?

  • 1 reply
  • 2 have this problem
  • 37 views
  • Last reply by Matt

atorgovitsky
atorgovitsky

This is with using the Master Password feature. I couldn't find any information on this in the documentation. Thanks!

This is with using the Master Password feature. I couldn't find any information on this in the documentation. Thanks!

Chosen solution

atorgovitsky said

This is with using the Master Password feature. I couldn't find any information on this in the documentation. Thanks!

As you are the one in possession of the master password, the cracking would be exactly as hard as your password. Standard password cracking times apply, probably not more than 10 minutes or so. This site offers to check passwords, I would not suggest you use your real password, but similar things with similar number letters etc will provide a fair suggestion.

However you are talking access to your passwords, not your mail. That is stored on the local machine in plain text. It is not password protected in any way.

Despite dictionary hacking and passwords supposedly being more secure if they have upper case items and pubctuation. A phrase like "thisisareallylongpasswordtomakeitsecuremymothertoldmetodoit" is actually quite secure and easy to remember. Just lots of things limit password lengths. Old programs particularly often limit you to eight characters for instance.

Read this answer in context 👍 2

All Replies (1)

Matt
Matt
  • Moderator
  • Top 10 Contributor

Chosen Solution

atorgovitsky said

This is with using the Master Password feature. I couldn't find any information on this in the documentation. Thanks!

As you are the one in possession of the master password, the cracking would be exactly as hard as your password. Standard password cracking times apply, probably not more than 10 minutes or so. This site offers to check passwords, I would not suggest you use your real password, but similar things with similar number letters etc will provide a fair suggestion.

However you are talking access to your passwords, not your mail. That is stored on the local machine in plain text. It is not password protected in any way.

Despite dictionary hacking and passwords supposedly being more secure if they have upper case items and pubctuation. A phrase like "thisisareallylongpasswordtomakeitsecuremymothertoldmetodoit" is actually quite secure and easy to remember. Just lots of things limit password lengths. Old programs particularly often limit you to eight characters for instance.

Modified by Matt