- Mozilla Connect
- Ideas
- Expire primary password session after a while
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
Having a primary password which protects access to stored password is great. It would be great if firefox could be configured to re-request the primary password every so often, to reduce the impact of (OS login) session hijacking. Given the prevalence to sleep/hibernate PCs a firefox process may last for several days or possibly weeks, meaning that access to use the stored logins lasts that long too. It would be great if that duration could be limited without needing to cycle the firefox process.
There already seems to be something like this for accessing the raw credentials on `about:logins` -- the first time you click to see a password you're prompted for the primary password, but if you click to see another right away then you're not asked again. Yet you are asked again if you try to do this a bit later on (I'm not sure what the delay is).
A default (maybe 4 hours?) would likely work for most users, though being able to customise the duration (even just via `about:config`) would be great for those who want more control over their security posture.
- New idea 4,834
- Trending idea 68
- Needs more 1
- In review 14
- Exploring more 13
- In development 65
- Not right now 4
- Delivered 71
- Closed 7
