Don Spam's Reckless Son wrote:
meagain wrote:
May I assume that passwords are saved in the user profile?
If I then save a copy of the directories with the profile on a cloud
service, like Onedrive, could those passwords etc be seen?
They are saved in an encrypted form. Have you set a master password?
They're saved encrypted *iff* you have set the master password. If you
don't, there's multiple tools out there that can extract saved content.
I know specifically that extraction is possible with one of the tools at
https://nirsoft.net/ . I think I remember testing this one against
setups with and without master password set.
I believe that there's also a tool at Security xPloded. I haven't tried
that one, and I'm guessing that it's Firefox-focused, but it probably
will extract Seamonkey content if you point it at the right folder.
I keep the whole Nirsoft set in my downloads collection. I've never had
to extract unencrypted passwords, but I find that those tools are useful
if I want to demonstrate to users just how vulnerable they are. I work
under the assumption that there's malware that includes scanners for
passwords saved in Mozilla products.
Smith
___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey