Support
Support
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Thunderbird email password security flaw

SamirTavares1
Making moves

‎30-06-2025 08:16 AM

Dear all;

There is a SERIOUS security flaw in Thunderbird email passwords, when Thunderbird exports SMTP email passwords to mobile devices, any user can read the QR code and take the email log home and interact as if they were the user.
Google emails require two-step authentication, but other emails end up being stolen along with the password by any cell phone that has the Thunderbird app without any security. This way, employees can steal corporate email accounts without authorization.

0 Kudos
Reply
4 REPLIES 4

siffemcon
Contributor

‎30-06-2025 11:53 AM

You can report bugs at https://github.com/thunderbird/thunderbird-android/issues/new/choose/.

Reply

wsm
Thunderbird Team
Thunderbird Team

‎13-07-2025 02:10 PM - edited ‎13-07-2025 02:11 PM

@SamirTavares1 you can choose in Thunderbird desktop to NOT export passwords.  Are you sure smtp passwords are included when you do this?  If it does, then the place to report desktop bugs is https://bugzilla.mozilla.org/enter_bug.cgi?product=thunderbird

0 Kudos
Reply

Leecpa
Making moves

‎06-10-2025 03:54 PM

When I press Cancel twice, at the password screen, my mail system opens up. What is going on?

 

 

 

0 Kudos
Reply

siffemcon
Contributor
In response to Leecpa

‎06-10-2025 06:38 PM

Different problem, please make a new post at https://support.mozilla.org/en-US/questions/thunderbird.

0 Kudos
Reply
Copyright © 2025 Khoros, LLC