http://www.ritlabs.com New posts in pop passwords in protocol logs of forum at www.ritlabs.com [www.ritlabs.com] en http://backend.userland.com/rss2 Thu, 18 Jan 2007 17:04:11 +0200 pop passwords in protocol logs passwords are showing in logs. Seems there's no way to hide them in forum The Bat! - Configuring the E-mail Client.
Thanks for your response, but with all due respect, I stated that I was monitoring activity...indicating that I wasn't just selecting the option to have log files created :-/ Regardless of whether you are or are not using the logging feature for the purpose you describe, a simple warning message under the folder fields indicating to the TB! user that enabling the protocol logging feature will also store their pop login pws would be a good idea...and a button to clear the logs.

As I said, IMO it is a security risk to a) not have the pws obfuscated, b) offer no warning to the TB! user that the passwords will be stored in the logs in plain text c) offer no quick way to erase the logs after using the feature.

---
18 January 2007 17:04:11, Mr Simon.]]> http://www.ritlabs.com/en/forums/forum4/topic4101/message15805/ http://www.ritlabs.com/en/forums/forum4/topic4101/message15805/ Thu, 18 Jan 2007 17:04:11 +0200 The Bat! - Configuring the E-mail Client pop passwords in protocol logs passwords are showing in logs. Seems there's no way to hide them in forum The Bat! - Configuring the E-mail Client.
The protocol log files are intended for debugging purposes when you're experiencing problems. In those cases I can imagine that it can be necessary to see the password that is sent by TB.
I see no reason to use protocol logging at all when you aren't experiencing any problems. After all why would you want a copy of every message you send or receive in your log files.
So I'd disable protocol logging if I were you.
18 January 2007 16:37:46, Roelof Otten.]]> http://www.ritlabs.com/en/forums/forum4/topic4101/message15804/ http://www.ritlabs.com/en/forums/forum4/topic4101/message15804/ Thu, 18 Jan 2007 16:37:46 +0200 The Bat! - Configuring the E-mail Client pop passwords in protocol logs passwords are showing in logs. Seems there's no way to hide them in forum The Bat! - Configuring the E-mail Client.
Been using TB! almost since 'the beginning' and now I'm I'm using the Xmas Edition of TB Pro (3.95.6)! Everything is fine for me, except that I do not see any option in TB! to hide pop passwords in protocol log files.

I was monitoring activity on the protocol log files for all of my accounts in TB! with a program called ABLogFile and noticed that the passwords are stored in the logs in plain text. This makes using protocol logging a huge security risk.

Am I missing an option somewhere, or is there no way to hide the passwords in logs?

---
Simon
18 January 2007 14:55:25, Mr Simon.]]> http://www.ritlabs.com/en/forums/forum4/topic4101/message15800/ http://www.ritlabs.com/en/forums/forum4/topic4101/message15800/ Thu, 18 Jan 2007 14:55:25 +0200 The Bat! - Configuring the E-mail Client