Icedove fails to send a new message and every time requires the password for Posteo
- Inicie sesión o regístrese para enviar comentarios
It has been occurring maybe since a month or two months ago. I use Posteo account and Disroot account on Icedove. I can receive emails from both accounts by Icedove (so I was neglecting the problem). I can send a new message of Disroot by Icedove. But I cannot send a new message with Posteo by Icedove. And it always requires the password for Posteo when I try to send an email. But maybe I forgot the password. Since it can receive emails, I think Icedove remembers the password. I want to know the password. Is there a way to know the password?
Burger (three stacked segments) menu -> Preferences -> Preferences -> Security -> Passwords -> Saved Passwords... -> Show Passwords -> Yes.
Thanks. The password was correct. It has been rejected. Icedove seems very unsafe. I will use some other client.
FYI, I had followed this instruction precisely.
https://www.gabriel.urdhr.fr/2015/01/15/recover-a-password-in-a-process-memory/
>Today, I managed to forget a password but I had a Icedove (Thunderbird) process running containing the password.
>The first thing to do is to take a core dump of the process:
# I don't want other people to read my core dump:
umask 022
# I don't want my core dump to be written on disk, let's go on a tmpfs:
cd /tmp
gcore -o core $(pgrep icedove)
>The basic idea is to use use strings to extract all the strings in the core dump and filter out as much entries as possible: you look start strings core | uniq | less and add filters in the pipeline to remove as many entries as possible.
>I ended up with something similar to this:
strings core.2169 |
# Remove some useless stuff:
grep -v ZZZ | grep -v /usr | grep -v /lib | grep -v /bin |
# Add constraints on the characters used in the password:
grep [0-9] | grep [a-z] | grep [A-Z] |
# Add constraints on the length of the password:
grep -Ev '.{20}' | grep -E '.{5}' |
# Let's look at what's left:
uniq | less
>There were still, more than 36000 entries but I searched a password that I remembered and the forgotten password was a few line around the other one.
Icedove seems very unsafe.
What makes you think so?
It is obvious. Icedove requires the password, despite It stores the password. Icedove started to ask the password about a month ago. Before that (just for about a month though), it had never asked that. Don't you think it is suspicious? Besides, I have typed the password correctly once when it asked but it refused that as a wrong password. I am pretty sure that someone must have tested me on my stupidness whether I would type the password in the suspicious text box or not. Because he must have already stolen the correct password. Despite you can confirm the correct password with that Burger, if it asks that every time you try to send an email, don't you think it is suspicious? Besides even if the password was correct, it refuses that. So I think that at least my Icedove is already unsafe. Or is it safe? I have already made PGP key or GPG key or something on Icedove. It is very troublesome to make it again so if you can assume my Icedove still to be safe, it is good for me. Do people trust an encrypted email that was generated by a email client that does such a suspicious behavior? If you professionals can trust, I would have to do nothing.
By the way, since about an hour, now Pidgin started to ask the password for an account very persistently (very persistent), despite I closed Pidgin itself. Like a popup, every minutes it appears and requires the password. Or is this a normal security function or something of free software? (Such kind of persistent stuff and sneaky stupid configurations (e.g. the eternal costly loop) are often observed on proprietary software too though)
Edit: I posted on the wrong thread :P
- Inicie sesión o regístrese para enviar comentarios