Is it possible to enable paste in the pin entry in thunderbird?

Question

As Evolution does not support TLS Client Certificate Authentication, I have switched to using Thunderbird.

I also use gpg encryption. As my pgp pin is rather long, I store it in a password manager. When I click on an encrypted mail in thunderbird, a popup will appear, requiring me to enter the pin. However, I am not able to paste into that field. This was possible with Evolution.

I imagine, somebody thought that this increases security, but I don't think so and I would like to be able to paste into this field. So, here are my questions:

1. Is this a feature or a bug?
2. How could I disable it / how could I enable pasting into this field?

Answer 1

No, it is not possible, as the whole point of pinentry is that the password doesn't leak anywhere in plain text and using copy and paste defeats that.

However, there is a workaround. If your password manager supports Autotype (as e.g. KeepassX and Keepass do), you can modify the autotype sequence. In Keepassx you would enter the following text to the Comment box of the entry:

Auto-Type: {PASSWORD}{ENTER}

and right-click on perform auto-type. Note however, that your password manager needs to be unlocked and visible on the screen before pinentry appears, as it will also block your alt-tab.

Sources:

• https://unix.stackexchange.com/questions/160548/usage-of-pinentry-with-keepass2-for-gpg-mail-encryption

• https://bugs.launchpad.net/ubuntu/+source/pinentry/+bug/326132

• Trial and error