We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Avatar for Username

Iskanje po podpori

Izogibajte se prevarantski tehnični podpori. Nikoli vam ne bomo naročili, da pokličete telefonsko številko ali nam pošljete osebne podatke. Sumljivo dejavnost prijavite z gumbom »Prijavi zlorabo«.

Več o tem

Password security

  • 2 odgovora
  • 0 ima to težavo
  • Zadnji odgovor od Ian Smith

Ian Smith
Ian Smith
more options

OK - I must be missing something. On my previous browser, Opera, if I wanted to see details of my passwords then I needed to put in the computer password, so keeping them quite secure. However, Firefox seems to let anyone using the browser to access the full details of all my passwords, even offering to copy them! This has to be the most insecure approach possible - surely this can't be correct, can it?

OK - I must be missing something. On my previous browser, Opera, if I wanted to see details of my passwords then I needed to put in the computer password, so keeping them quite secure. However, Firefox seems to let '''anyone''' using the browser to access the full details of all my passwords, even offering to copy them! This has to be the most insecure approach possible - surely this can't be correct, can it?

Izbrana rešitev

The names and passwords stored in logins.json are encrypted with an encryption key that is stored in the key4.db file. The primary password encypts the key stored in key4.db and thus add an extra security level. If you do not use a primary password then having access to key4.db and logins.json is sufficient to have access to the encrypted names and passwords by placing the two files in a Firefox profile folder.

Preberite ta odgovor v kontekstu 👍 1

Vsi odgovori (2)

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

Izbrana rešitev

The names and passwords stored in logins.json are encrypted with an encryption key that is stored in the key4.db file. The primary password encypts the key stored in key4.db and thus add an extra security level. If you do not use a primary password then having access to key4.db and logins.json is sufficient to have access to the encrypted names and passwords by placing the two files in a Firefox profile folder.

Koristno?

Ian Smith
Ian Smith Lastnik vprašanja
more options

I confess, I'm astonished that the default is to allow anyone using the browser to be able to access all password info. This browser is really not suitable for the general public, IMHO.

Koristno?

Vprašajte

Če želite objaviti odgovor, se morate prijaviti v svoj ​​račun. Če računa še nimate, zastavite novo vprašanje.