Avatar for Username

搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

Learn More

话题已存档。 如果需要帮助请提出新问题。

Legacy Password Editor removed; is Firefox Master Password Editor Now Secure?

  • 2 个回答
  • 3 人有此问题
  • 1 次查看
  • 最后回复者为 Happy112

SweetFacz3913
SweetFacz3913
more options

To reiterate, Legacy Password Editor removed; is Firefox Master Password Editor Now Secure? Past history: I had used Password Editor (Legacy), the updated version of Firefox's Password Editor, via a developer. I was quite happy with the latter and never had a problem. Since Legacy's demise, I have subscribed to McAfee SafeKey, and quickly rescinded my account for same. Now, I am using LastPass, which is an involved, secure program. For me, too involved and, referred to as a remarkable program, it has plenty of quirks and mistakes, like not filling in login information. So annoying!

Therefore, yearning for the simplicity of Firefox's Password Editor, I pose the question w/Quantum, currently v57.0.2, is Firefox's Master Password Editor considered viable, i.e., secure?

Thanks in advance for a security/safety review of the current Firefox Password Editor.

To reiterate, Legacy Password Editor removed; is Firefox Master Password Editor Now Secure? Past history: I had used Password Editor (Legacy), the updated version of Firefox's Password Editor, via a developer. I was quite happy with the latter and never had a problem. Since Legacy's demise, I have subscribed to McAfee SafeKey, and quickly rescinded my account for same. Now, I am using LastPass, which is an involved, secure program. For me, too involved and, referred to as a remarkable program, it has plenty of quirks and mistakes, like not filling in login information. So annoying! Therefore, yearning for the simplicity of Firefox's Password Editor, I pose the question w/Quantum, currently v57.0.2, is Firefox's Master Password Editor considered viable, i.e., secure? Thanks in advance for a security/safety review of the current Firefox Password Editor.

被采纳的解决方案

Names and passwords that are stored in logins.json are encrypted with an encryption key that is stored in the key4.db file. The Master Password adds an extra level to that encryption. When you don't use a Master Password, having access to key4.db and logins.json is all it takes to have access to the encrypted names and passwords by placing both files in a Firefox profile folder.

Use a strong password : at least 10 characters and use some symbols and numbers, not just letters.

Also see : https://support.mozilla.org/en-US/kb/use-master-password-protect-stored-logins

And : https://support.mozilla.org/en-US/kb/password-manager-remember-delete-change-and-import

定位到答案原位置 👍 1

所有回复 (2)

Shadow110
Shadow110
more options

Hi, I would say maybe, I would not use it myself. Pen & paper person and memory. Not so much as insecure but if browser goes down maybe lost. Have had to tell, is lost before. Not many times though. Better off I think as personal opinion only to use 3rd party if so choose. There are several including Norton Password Manger here : https://addons.mozilla.org/en-US/firefox/extensions/ Explore your options and theirs.

Please let us know if this solved your issue or if need further assistance.

Happy112
Happy112
more options

选择的解决方案

Names and passwords that are stored in logins.json are encrypted with an encryption key that is stored in the key4.db file. The Master Password adds an extra level to that encryption. When you don't use a Master Password, having access to key4.db and logins.json is all it takes to have access to the encrypted names and passwords by placing both files in a Firefox profile folder.

Use a strong password : at least 10 characters and use some symbols and numbers, not just letters.

Also see : https://support.mozilla.org/en-US/kb/use-master-password-protect-stored-logins

And : https://support.mozilla.org/en-US/kb/password-manager-remember-delete-change-and-import