Emails encryption in 78 vs Enigmail - does TB 78 decrypt and store the encrypted emails as plain text?

  • 6 replies
  • 1 has this problem
  • 11 views
  • Last reply by christ1


Hi,

I have been a long-time user of Enigmail and I really like how it works:

- when you receive an encrypted email it prompts you for your private key password. The password is cached for 5 mins or so.
- when I wanted to read older encrypted emails I had to enter the password again - which was fine with me
- drafts were encrypted
- if someone copies my profile at least they don't have access to my encrypted emails

All in all it's all about privacy & protection.

Now, I upgraded to 78. I use a master password. When I open TB, it prompts me to enter the master password, but I can choose to cancel. And I can still see all my emails including the encrypted emails!!!

If someone gets my profile they can see my encrypted emails as well.

Thunderbird seems to use my private keys without prompting me for password!

Who designed this behaviour?


All Replies (6)


I just checked more emails that I know I sent encrypted and TB decrypts them automatically even though I did not enter the master password!!!

At this point, if you are a user that uses email encryption I do not advise you to upgrade from 68.


Also, note that you can't simply use version 68 against a profile used with 78. It doesn't work. Make sure you have a backup of your 68 profile. Fortunately I do have a backup and I am going to restore my profile from the backup and then install back 68.


Err, as Enigmail does not work at all, either the addon or the built components in V78, how are you doing that? Last I heard there were no scheduled updates of earlier versions until V78.2 when it was expected that the Enigmail/PGP encryption would be implemented as an inbuilt process.

I have in recent weeks seen folks using third party "updater" applications getting new versions, as I have seen a few from Linux distributions that obviously only have automated updaters. But Thunderbird will not have prompted you to update to V78 on its own as updates are turned off.


I am using a Mac, I downloaded the 78.1.1 dmg file and I installed it (it replaced version 68). Then I imported the private keys using Tools Migrate Enigmail Settings. I have 2 keys. It prompted me for password 4 times, the last two times it gave me an error each time, but eventually it imported them successfully.

Now the keys are used to decrypt the emails even when I don't enter the master password which imo is very bad.

I don't know where the imported keys are stored exactly (do they encrypt the private key?) and whether the emails themselves are decrypted on the fly or their plain text version is stored locally once decrypted.

The enigmail model made a lot of sense to me, and I just don't get why we go backwards.

Anyway, I am going to downgrade tonight back to 68.

Modified by bogc


IIRC I remember reading about a password issue. It will be resolved by an update of 78 and the Enigmail migrator.


Could be this bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1656287

If so, follow the instructions in comment #20 to fix the problem.