![]() As you assert some folks will assume the wrong thing, but I have spent 10 years trying to explain compacting to that same audience without any appreciable change. ![]() We make no claim at all that we are doing anything but delaying the display of the main mail window until a password is entered in my suggested approach. Probably the same way I have explained it in the support article. This would be fake security and I think that would be bad to promote. other person accessing computer doesn't have that much knowledge). How will you also explain to those users, that since they have access to your computer, they can also trivially read the emails on your disk drive directly without even accessing Thunderbird? They obviously already don't understand that by wanting this option, or think they'll be ok (e.g. (In reply to Mark Banner (:standard8) from comment #6) ![]() Whilst overall, it could be something that Thunderbird provides, is it really worth the effort to implement and support when there's already existing functionality in the user's own operating system that does the same job for free? You could also add encrypting the files on disk, but then you start heading towards what about in-memory scopes, levels of encryption, and impact on performance. ![]() For instance, we've had many reports over the years of users expecting the master password to protect all of Thunderbird, despite preferences clearly saying it only protects passwords. I think explaining this to users easily and clearly - in a way that they'll read, take notice of and understand - is going to be hard. Then you'll get complaints that Thunderbird isn't doing what it says. ![]() Let someone come along who is slightly skilled, and they'll access your profile folder and read your emails there. The issue here is that if you start providing something that says you can't access Thunderbird without entering this password, people will start believing that Thunderbird is protected and no-one can read their email. I still think that's quite reasonable perspective to take, as otherwise you start "going down a rabbit-hole". In the past, we've pretty much always said we won't support this, and recommended separate logins and use OS profile protections, or use an applications which can sandbox other applications. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
February 2023
Categories |