Where did you install Firefox from? Help Mozilla uncover 3rd party websites that offer problematic Firefox installation by taking part in our campaign. There will be swag, and you'll be featured in our blog if you manage to report at least 10 valid reports!

Avatar for Username

Cerca nel supporto

Attenzione alle mail truffa. Mozilla non chiederà mai di chiamare o mandare messaggi a un numero di telefono o di inviare dati personali. Segnalare qualsiasi attività sospetta utilizzando l'opzione “Segnala abuso”.

Learn More

Questa discussione è archiviata. Inserire una nuova richiesta se occorre aiuto.

stored password security in firefox

  • 1 risposta
  • 1 ha questo problema
  • 7 visualizzazioni
  • Ultima risposta di cor-el

stuff3
stuff3
more options

I just installed Brave, and clicked on "Import settings & bookmarks", then chose Firefox from a popup list

Without typing my password, or doing anything else, Brave then instantly imported all of the saved passwords that I had stored in Firefox. I can now view all of my most secret saved passwords of Firefox... in Brave

This makes me wonder, if Brave can instantly import (and display in clear text) all of my Firefox saved passwords, couldn't any other rogue app do exactly the same?

Shouldn't they be stored in an encrypted format, at least?

Am I missing something or are the passwords wide open that Firefox saves?

I just installed Brave, and clicked on "Import settings & bookmarks", then chose Firefox from a popup list Without typing my password, or doing anything else, Brave then instantly imported all of the saved passwords that I had stored in Firefox. I can now view all of my most secret saved passwords of Firefox... in Brave This makes me wonder, if Brave can instantly import (and display in clear text) all of my Firefox saved passwords, couldn't any other rogue app do exactly the same? Shouldn't they be stored in an encrypted format, at least? Am I missing something or are the passwords wide open that Firefox saves?

Tutte le risposte (1)

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

Are you using a primary/master password because if you do not use it then it is quite easy to get the logins because the encryption key is stored in key4.db (SQLite database) ?

If you use a Primary Password then you shouldn't be possible.