Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

This thread was archived. Please ask a new question if you need help.

Passwords Thunderbird

  • 1 reply
  • 1 has this problem
  • 16 views
  • Last reply by david

david598
david598
more options

Hi I work for in a corporate environment and due to security policies our employees and staff members are not allowed to see their thunderbird passwords

This however is an issue considering that you can just go to privacy and security and select show passwords and get immediate access to all passwords. Primary passwords are not ideal either considering the employees can't know them as well and you need your pp to sign into thunderbird in the first place.

I have tried disabling the show passwords button by adding the pref.privacy.disable_button.view_passwords;0 setting to the config editor as a boolean and setting it to true but the 'Show Passwords' button is still accessible.

Is there any way of hiding stored passwords in thunderbird without having to log out of the account?

Hi I work for in a corporate environment and due to security policies our employees and staff members are not allowed to see their thunderbird passwords This however is an issue considering that you can just go to privacy and security and select show passwords and get immediate access to all passwords. Primary passwords are not ideal either considering the employees can't know them as well and you need your pp to sign into thunderbird in the first place. I have tried disabling the show passwords button by adding the pref.privacy.disable_button.view_passwords;0 setting to the config editor as a boolean and setting it to true but the 'Show Passwords' button is still accessible. Is there any way of hiding stored passwords in thunderbird without having to log out of the account?
Attached screenshots

All Replies (1)

david
david
  • Top 10 Contributor
more options

You have a difficult challenge, as TB wasn't designed for that role. Whatever is set can be unset, as explained in this URL: http://kb.mozillazine.org/Restricting_user_actions_-_Thunderbird If passwords must be controlled, I propose setting that control at the server where only admins have access. Or set up server access such that the TB profile is restored overnight every day. Or possibly define a means to lock files from being changed. TB is the weakest link here. The user who is intent on violating policy can find workarounds here, such as installing a portable version. Unless the control tool is solely under admin control, there will be violations or exposure. That's my view.