2
The more specific the better. I'm wondering exactly what algorithms Mozilla uses to encrypt usernames and passwords for Thunderbird accounts. (located in the 'signons.sqlite' file in the 'moz_logins' table)
2
The more specific the better. I'm wondering exactly what algorithms Mozilla uses to encrypt usernames and passwords for Thunderbird accounts. (located in the 'signons.sqlite' file in the 'moz_logins' table)
1
Both Thunderbird and Firefox encrypt logins and passwords with 3DES with the key from the key3.db file located in the profile directory, and it encodes the result with base64.
provided Master Password is being used as per this article
– pun – 2015-11-04T03:39:56.843In fact logins and passwords are encrypted whether or not you set a Master Password. Although it seems that setting it changes the key3.db in some way, but not the logins/passwords that were already saved, at least in my version of Thunderbird (31.5.0). – nyibbang – 2015-11-04T09:57:44.273
Not enough rep to edit my comment, but actually Thunderbird used to allow plain text base64 encoded logins and passwords but it does not support it anymore (since the third version of their signons.sqlite database schema according to their code). More recent versions of Thunderbird use a logins.json file instead of the sqlite database though, and although I don't have a recent enough version to confirm, I believe it still uses the same encryption system. – nyibbang – 2015-11-04T10:46:04.440