SHA-256, 384 or 512 for Thunderbird’s Enigmail

My favorite GPG/PGP Thunderbird Plugin uses SHA1 hashes per default. I’ve tried to change it but found no easy way using the menu options. Thanks to Scuba Instructor for telling us how to change it:

SHA-1 is the default hash algorithm for Thunderbird’s Enigmail. As it looks like SHA-1 isn’t secure anymore you should use at least SHA-256 which might be the future strandard algorithm. Here is what you need to do:

Start Thunderbird, click Edit -> Preferences. Go to the Config Editor. Locate extensions.enigmail.mimeHashAlgorithm. Set the value to 3, 4 or 5. Default is 0 which means SHA-1. If you set it to 3 Enigmail will use SHA-256, 4 means SHA-384 and 5 SHA-512. If you set the value to 2 Enigmail will use RIPEMD-160. Not a bad choice either.


— Update Jun 13, 2014

Newer Versions of Enigmail seem to have issues by signing / encrypting Umlaute (German for Characters like äüö). As a workaround, just configure outgoing emails to UTF-8 instead ISO-8859-1. To do so:

  • Open Thunderbird Settings
  • Go to Tab “Display” -> “Formatting”
  • click on “Advanced” at Fonts
  • change “outgoing mail” to UTF-8 encoding

This should help.



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s