We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Storage of PGP passphrase

  • 10 replies
  • 4 have this problem
  • 1 view
  • Last reply by pstimpel

more options

I have just upgraded from 68.12 to 78.2.2. I used Enigmail but I have migrated to the built-in openPGP. Everything runs as it should.

But it seems that my passphrase has been saved. In the old Enigmail, it used to ask for the passphrase regularly, which I found safer.

So in Thunderbird 78.2.2, is there a way to avoid the saving of the passphrase, or to define how long the passphrase should be saved (e.g. 15 min, session...)? If not, should I then use a master password to protect it? I cannot find the passphrase under saved passwords, so I am not sure where it is stored and therefore if the master password would protect the passphrase.

Thank you!

I have just upgraded from 68.12 to 78.2.2. I used Enigmail but I have migrated to the built-in openPGP. Everything runs as it should. But it seems that my passphrase has been saved. In the old Enigmail, it used to ask for the passphrase regularly, which I found safer. So in Thunderbird 78.2.2, is there a way to avoid the saving of the passphrase, or to define how long the passphrase should be saved (e.g. 15 min, session...)? If not, should I then use a master password to protect it? I cannot find the passphrase under saved passwords, so I am not sure where it is stored and therefore if the master password would protect the passphrase. Thank you!

Chosen solution

In the old Enigmail, it used to ask for the passphrase regularly, which I found safer.

Thunderbird OpenPGP does protect private keys, but it does it differently than Enigmail/GPG. It's the same mechanism that has been used in the past to protect private keys for S/MIME certificates, and for SSL/TLS client side certificates.

Thunderbird uses an automatically created, random password to protect all the OpenPGP secret keys.

An encrypted version of that password is stored in file encrypted-openpgp-passphrase.txt in the Thunderbird profile directory.

The password is encrypted using the Thunderbird Master Password feature. It uses a symmetric key that lives in file key4.db.

By default, file key4.db is unprotected. If you setup a Thunderbird master password, then the keys in file key4.db are password protected, and you will have to unlock it once each time you start Thunderbird, the first time any key from that database is required.

So in Thunderbird 78.2.2, is there a way to avoid the saving of the passphrase, or to define how long the passphrase should be saved (e.g. 15 min, session...)?

You can still use use GPG for secret key operations only, i.e. for signing and decryption. See https://wiki.mozilla.org/Thunderbird:OpenPGP:Smartcards

Note, even though the article is about using smartcards, it also works when the keys managed by GnuPG are stored in the standard software keyring files.

Read this answer in context 👍 1

All Replies (10)

more options
more options

Chosen Solution

In the old Enigmail, it used to ask for the passphrase regularly, which I found safer.

Thunderbird OpenPGP does protect private keys, but it does it differently than Enigmail/GPG. It's the same mechanism that has been used in the past to protect private keys for S/MIME certificates, and for SSL/TLS client side certificates.

Thunderbird uses an automatically created, random password to protect all the OpenPGP secret keys.

An encrypted version of that password is stored in file encrypted-openpgp-passphrase.txt in the Thunderbird profile directory.

The password is encrypted using the Thunderbird Master Password feature. It uses a symmetric key that lives in file key4.db.

By default, file key4.db is unprotected. If you setup a Thunderbird master password, then the keys in file key4.db are password protected, and you will have to unlock it once each time you start Thunderbird, the first time any key from that database is required.

So in Thunderbird 78.2.2, is there a way to avoid the saving of the passphrase, or to define how long the passphrase should be saved (e.g. 15 min, session...)?

You can still use use GPG for secret key operations only, i.e. for signing and decryption. See https://wiki.mozilla.org/Thunderbird:OpenPGP:Smartcards

Note, even though the article is about using smartcards, it also works when the keys managed by GnuPG are stored in the standard software keyring files.

Modified by christ1

more options

I'd prefer that Thunderbird adds a second 'MasterPassword' just for the Mail-Encryption Keys with configureable Interval (0-30 Minutes) how often there is being asked for it like Enigmail did before. The "SmartCard" Way is possible but not really great.

more options

Keeping PGP Private Key Passwords in memory per session is reasonable but saving them for automatic decryption along with account passwords is NOT!

There is a big difference in expected privacy and security levels between an account password and a PGP Private Key Password!

PGP passwords should not reside on disk anywhere! By rights, they should also be explicitly purged from memory upon exiting Thunderbird.

more options

The current 78 version of Thunderbird breaks too many PGP security measures in its zeal to be easy to use.

I've switched back to 68 and Enigmail for now.

I'll see what the future brings. "Interlink" seems to be a Thunderbird clone that supports Enigmail but I haven't tried it yet.

more options

openpgp in thunderbird 78 is a security disaster. It seems that experienced linux users who have been using enigmail with gnupg for years have been completely bypassed with this design decision. Thunderbird 78 will certainly be a relief for Windows users and beginners in encryption issues. But security wise snake oil. By default the passphrase is simply stored without any request if you don't use a master password. Per recipient rules are not possible. Also the use of a smartcard for encryption is not possible. I also switched back to thunderbird 68 and will use it with apparmor as long as possible. Maybe someone will develop a fork, which is suitable for Linux users again. Or I use another mail client.

more options

Perhaps you have not been informed

  • The author of Engimail was very much involved in the implementation of OpenPGP
  • The library used for encryption does not yet support smartcard - but that is expected to change
  • Because of time constraints to deliver OpenPGP in version 78, what you see today is just the first iteration - so compromises were made and there is missing functionality - so there is more to come
more options

Sorry for being a bit upfront about this, but physically storing my gpg password (albeit symmetrically encrypted) for convenience is simply INSANE! It breaks with any and all PGP security measures!

Can you please revert this back to e.g. session or user-definable time span in-memory storage ASAP!

PS: I'm still rubbing my eyes in amazement that Mozilla went for a physical storage of a key's passphrase and that the Enigmail author did give his consent to this!!!

Modified by chabich

more options

Ok, this explains what I see - but I DON'T like it ! My PGP key used to be a LoOOOOnGGGGG passphrase with mixed upper and lower case. My master password is quite simple compared to that.

Now - The security level for PGP is down to that of thunderbird master password. - I need the master password the moment I start thunderbird, so then ALL my PGP-encrypted mails are accessible as well.,

 Convenient , but a security disaster from my perspective.

PLEASE give me the chance back, to set a more complex PGP password and keep it separate from the master password.

[Edit]: I found there exists a thunderbird bug for that https://bugzilla.mozilla.org/show_bug.cgi?id=1688470

I've added my comment from here to that and added the link to this discussion.

[Edit of the Edit] Just realized, that this bug is marked as duplicate of https://bugzilla.mozilla.org/show_bug.cgi?id=1566458 And if I read this (convoluted and confusing thing) correctly, it boils down to "this is working as expected" - shocked...

Modified by MartinJost

more options

After a more or less forced update, thunderbird exposed all my keys and mail content, just by importing PGP keys, and voiding the PGP "standards". OK, reading a faq, applying a masterpassword - which I did not need in the past since all my mails are encrypted and kleopatra was asking me for the passphrases in short intervals. From a security point of view: great behavior of Kleopatra.

I hope the devs reconsider an option to make thunderbird asking for pgp key passphrases, as it is kind of an industrial standard since years. There could be a "break security for convenience" tickbox, but it should be the users decision to tick it or not. guys, please stay away from breaking security features for the sake of convenience.

Another serious issue is not to call the user to set a master password after migrating PGP stuff. If you want to provide convenience, please make it convenient.

Too bad, but this rendered Thunderbird unusable for high security demand. I hope someone is reconsidering this ASAP.

(copied to bugzilla as well)

https://bugzilla.mozilla.org/show_bug.cgi?id=1566458

cheerio