Interviewed by CNN on 01/12/2012 19:05, Mark Berger told the world: > SM 2.14.1 > Win XP SP 3 > > Is there a way to set up the master password function so it ONLY asks > for it when you want to 'Show Passwords' using the Password Manager? > > I tried turning on Master Passwords "The first time it is needed", but > it then asks for it every time I turn on SM, and twice when I want to > manage passwords. It seems like it's either all the time, or never, > making it difficult to use it just when you only want to protect your > passwords.
OK. You seem to have a somewhat unclear idea about what's involved in protecting your passwords. If you choose a "master password," then your entire password database is ENCRYPTED using that master password. Logically, if you want to read that database, you will need the master password. Now, of course Seamonkey *cannot* save your master password on disk. Doing so would defeat the entire idea of encrypting passwords in the first place: all an attacker would have to do is to look for the master password on disk. (Since Seamonkey is an open source product, there's no effective way to "hide" that master password -- if Seamonkey can get to it, anybody else can too, since the method is all documented in the source code. By the way, even if Seamonkey were a closed-source product such as IE or Opera, hiding the password would help very little anyway. "Security by obscurity" is an outmoded procedure, because it has been shown time and again that it doesn't work). So, no, there's no way to set it up to ask for the master password only when you want to "show passwords." Anything that did that would be essentially giving you no protection at all, while deceiving you into *thinking* you were protected -- which is even more dangerous, because you might entrust something important to a bad security solution. Cryptographically, it would be the equivalent of locking your front door and hiding the key under the doormat. -- MCBastos This message has been protected with the 2ROT13 algorithm. Unauthorized use will be prosecuted under the DMCA. -=-=- ... Sent from my smoke signals pit. * Added by TagZilla 0.7a1 running on Seamonkey 2.14.1 * Get it at http://xsidebar.mozdev.org/modifiedmailnews.html#tagzilla _______________________________________________ support-seamonkey mailing list [email protected] https://lists.mozilla.org/listinfo/support-seamonkey
