Join us and the lead editor of IRL, Mozilla's multi-award-winning podcast, for a behind-the-scenes look at the pod and to contribute your ideas for the next season, themed: "AI and ME." Mark your calendar and join our Community Call on Wednesday, Aug 7, 17:00–17:45 UTC. See you there!

Avatar for Username

Vyhľadajte odpoveď

Vyhnite sa podvodom s podporou. Nikdy vás nebudeme žiadať, aby ste zavolali alebo poslali SMS na telefónne číslo alebo zdieľali osobné informácie. Nahláste prosím podozrivú aktivitu použitím voľby “Nahlásiť zneužitie”.

Ďalšie informácie

Táto téma bola archivovaná. Ak potrebujete pomôcť, založte prosím novú otázku.

What is the point of having primary password since I see It doesnt change password hasjes in login.json?

  • 1 odpoveď
  • 0 má tento problém
  • 19 zobrazení
  • Posledná odpoveď od Dropa

ardabro
ardabro
more options

One of the help page say: Firefox Desktop encrypts your passwords locally in your user profile directory using a logins.json file. Firefox Desktop uses simple cryptography to obscure your passwords. Mozilla doesn’t have the ability to see passwords, but Firefox Desktop does decrypt the password locally so that it can enter them into form fields.

My understanding is that my local installation uses some auto-generated key to hash my passwords in logins.json. So I established my primary password hoping that all passwords in logins.json will be re-hashed with my new password. But surprisingly ll hashes remain the same. So, where is the security?

One of the help page say: ''Firefox Desktop encrypts your passwords locally in your user profile directory using a logins.json file. Firefox Desktop uses simple cryptography to obscure your passwords. Mozilla doesn’t have the ability to see passwords, but Firefox Desktop does decrypt the password locally so that it can enter them into form fields. '' My understanding is that my local installation uses some auto-generated key to hash my passwords in logins.json. So I established my primary password hoping that all passwords in logins.json will be re-hashed with my new password. But surprisingly ll hashes remain the same. So, where is the security?

Všetky odpovede (1)

Dropa
Dropa
more options

You can only see the password in the Browser manager and if you want to protect them then you should password protect your system first that will block prying eyes from looking where they shouldn't. One security is only good as the person whom password protects their system. Don't expect the Browser to be the endall of protection.