I read the following text from the FAQ but still have some questions about how it works. Assuming you don't have a Master Password, are those Private (Secret) keys are stored not encrypted? In one sentence it says they are protected with a random password when imported and in another it says they are unprotected if there is no master password. If they are not protected (encrypted) without a master password being present, what happens when you add one? Do they then get encrypted with that random password? Also what happens to versions that were stored in plaintext? ''How is my personal key protected? At the time you import your personal key into Thunderbird, we unlock it, and protect it with a different password, that is automatically (randomly) created. The same automatic password will be used for all OpenPGP secret keys managed by Thunderbird. You should use the Thunderbird feature to set a Master Password. Without a master password, your OpenPGP keys in your profile directory are unprotected. '' Thanks