"User Profiles should be able to be protected with passwords." If you agree with the above statement, please vote for this BUG to be fixed here: http://bugzilla.mozilla.org/show_bug.cgi?id=16489 Even better, if you have the knowledge (unfortunately, I can't program) and interest, maybe you could implement this feature. The person managing this bug (Conrad) has been blocking efforts to implement this feature. Only if enough people show interest in this feature and VOTE for it to be fixed, do we have ANY hope of it being implemented. Please help. Here are my arguments for this important feature: =============================== ... there is no absolute need to encrypt the actual files in the profile's directory. That would be overkill. All we need is to be able to deter someone from accidentally entering our profile by hitting ENTER in the profile manager. It will also deter 99% of people who want to take a "peek" at our mail and bookmarks. It would be the same feature as in NC 4.5 - a simple password that permits entry into ones profile. Those who are willing to read through hundreds of pages of difficult to read text files to read our mail will likely not be able to be deterred by encryption either. Please create a simple password protection for profiles for the 99% of us "casual" users. This should be simple enough to implement in a near nightly build ;-) =============================== ... I know it would be "insecure" but it would still deter 99% of casual users who don't even know where the mail files are located. It would also prevent people from accidentally hitting return in the profile manager and entering someone elses profile. MOST users would benefit from this. You could even pop-up a warning message infoming the masses that this protection is not completely secure. If mozilla is to retake the mainstream crown, it must also satisfy the majorities' wishes (even if not 100% "secure"). Encryption can always be added later without redoing the code for this request. =============================== A warning dialogue could appear when selecting to password protect a profile (it is taken DIRECTLY from the NC4.x webpage!!!): "Specifying a password for your local user profile does not encrypt profile data in any way, nor does it prevent others from renaming or deleting profiles, but it can prevent users from inadvertently accessing profile data without first entering a password. This mechanism may therefore be appropriate in a home environment, where members of a family may want to keep their information separate, or for developers who may want to keep their working profile separate from profiles used for testing purposes. It is not appropriate as a replacement for OS-level security, nor should it be used as the only means of protection within a lab or kiosk environment where users have an expectation of privacy. For these environments, administrators may wish to consider Communicator 4.5's Network Install or Roaming Access features, which retrieve profile information from centralized servers." The full text is at: http://home.netscape.com/communicator/v4.5/passwords/index.html =============================== Even if you don't feel as strongly about this as I do, but think it would be a good feature to have, PLEASE vote for it by clicking the link above. -- Regards, Peter Lairo
