eM reveales Passwords with easy trick

Set up an email account in eM Client. Then point the database folder to any location that is only temporarily available such as a NAS drive. If you open eM client next time while the NAS drive is not mounted, it redirects the database WITHOUT PERMISSION to a location that is redable for everybody and unveales all data to the user WITHOUT PASSWORD request. Wow! That actually blows away any level of security.

Hello Björn,

It is for this exact reason that we do not offer the option of choosing the database location when installing eM Client. We do trust that people who go into Settings and change the location there will know what they’re doing. If you’re worried about the security of the database, we would suggest encrypting your windows profile and setting up the eM Client password protected start up.

If you change the location of the database, it will not copy your current database there but create a new one, so you had a database in C:\Users\username\AppData\Roaming\eM Client and then a new one was created on the NAS drive. When eM Client can’t find the location that the database should be in (such as the NAS drive), it looks for a database in the default folder C:\Users\username\AppData\Roaming\eM Client. It certainly doesn’t copy it from a location that it doesn’t have access to. If it then finds a database in the default folder, it starts with the one that is there.