cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Yangu_Hury
Making moves
Status: New idea

 

I suggest to encrypt Firefox Profiles with AES 256-bit primary key and a file key. Login for important sites are available in profiles data. This data can be easily copied and used to access account without password or login because profile has the cookies and other login data of sites. With local access to the PC a person can boot a Linux and copy Firefox Profiles in Windows/Linux profiles and use it on other Firefox if you keep your account logged in these Firefox profiles.

6 Comments
Status changed to: New idea
Jon
Community Manager
Community Manager

Thanks for submitting an idea to the Mozilla Connect community! Your idea is now open to votes (aka kudos) and comments.

majkassab
New member

👍

Nich
Making moves

I Agree!

fabsidereal
New member

Definitely needs to happen at some point, but it would probably require a big rewrite of the code.

cryptostuff
Strollin' around

Absolutely yes. Encrypt the profile and, of course, protect Firefox profile from being opened (with Firefox). Please do!

Moleculo
New member

I vote for this suggestion because Firefox's lack of any kind of profile protection makes me think about choosing another browser. At the very least, Firefox should encrypt the cookie database, which currently can be simply copied by an attacker and substituted into another profile, after which the attacker gets access to all user authorizations. I think this is unacceptable and wonder why this is not given the attention it deserves. This extra layer of protection can save the user's data in case the system is compromised. Please implement profile protection and encryption.