Thunderbird does not ask for password when sending second mail !!!
Gilles Gravier
ggravier at fsfe.org
Thu Jul 12 08:07:32 UTC 2012
Basil,
On 12/07/2012 10:02, Basil Chupin wrote:
> On 11/07/12 15:57, Jkhatri wrote:
>> Dear all
>>
>> I'm using thunderbird 13.0.1 on my ubuntu 12.04,
>>
>> when I start Thunderbird for the first time during a day it asks for
>> password to receive the mail , and it also asks for password when I
>> send first new email or reply to any received mail, thats ok , but
>> after that done successfully whenever I try send/reply to 2nd mail it
>> does not ask for password it simply sends the mail. I want to
>> configure Thunderbird to ask for password each and every time I send
>> mail , is there any configuration available in Thunderbird ???
>>
>>
>> Thanks in advance
>>
>> Warm Regards
>> ./
>> Jatin khatri
>
> (I know that I just should not get involved in this, but being a
> student of how to resolve problems asked by some people - I cannot
> resist...)
>
> Jatin, why EXACTLY are you asking this question? What is it that is
> concerning you to ask the above question? Let me explain a bit.....
>
> You get the first e-mail for the day and reply to it with Thunderbird
> asking you for your password - but then when you want to send any
> subsequent (ie, other, following, e-mails) you want it to also ask
> again, and again, and again, and again, for each e-mail, after the
> very first e-mail, your password. Is this a correct description of
> what your request for help?
>
> If this is so, my question is: what is so special about your
> subsequent e-mails, after the first one you sent, which would want you
> to have Thunderbird ask you every time for you password?
Potential security issue. If he forgets to log off when he goes to get a
tea or a coffee, somebody can use his logged-in TBird session to send
e-mails impersonating him. Sometimes the automatic screenlock takes
place after a few minutes. Window of opportunity for somebody to come
and do nasty things. If you are in an environment where such activity is
a risk (university, cyber cafe, office area, hospital, you name it),
then it would be nice to have an option to "always require password for
sending mail". I.e. to disable the password caching mecanism.
Think "sudo" when you use "sudo" you get prompted for a password. If you
use sudo immediately after, no need to re-enter a password. If you wait
a few minutes, you are prompted again for your password. Sudo is a
dangerous command that somebody using your session should not be able to
re-use if you used it before giving them access. Same goes for sending
e-mail (in some contexts as explained above).
Gilles.
More information about the ubuntu-users
mailing list