This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Support
Support
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Make master password mandatory if people wish to save password in the browser

cy_narrator
New member
‎10-09-2022 09:16 PM
Status: New idea

I do not see any difference between writing passwords in a piece of paper vs saving passwords in the browser in its default unencrypted form without master password. In fact I would say writing password in a piece of paper becomes a bit more secure compared to saving passwords in the browser because you can at least be responsible enough to hide that piece of paper in a safe compared to passwords saved in your browser which is always two clicks away.

 

Someone with two cents of security needs can use master password to encrypt the password but it is not what majority do. For majority of people, their passwords is just in the Passwords option in the hamburger menu. This can definitely be improved.

There are two easy ways to set it up I see,

1: Make master password mandatory and warn the user they cannot forget it. If they do not provide master password, they cannot save passwords in the browser, as easy as that.

2: Disable the option to view passwords if done in an insecure way, meaning if there is no master password present. This is not full fledged solution but will help against most normal computer users. Surely a 'hacker' can find the passwords file somewhere in the computer and open it up with notepad but that is statistically not most people

See more ideas labeled with:
Comment
2 Comments
Status changed to: New idea
Jon
Community Manager
Community Manager
‎10-10-2022 06:23 AM
‎10-10-2022 06:23 AM

Thanks for submitting an idea to the Mozilla Connect community! Your idea is now open to votes (aka kudos) and comments.

MintMain21
Familiar face
‎10-11-2022 12:26 PM
‎10-11-2022 12:26 PM

Seems a bit daunting to completely lock Firefox's Password Saving Features behind setting up a Master Password, but it's a good idea at the very least to warn users to remember their Master Password at all costs before setting it up.

I completely agree with the OP that it's generally unwise to save passwords without a Master Password, but I'm concerned that many users would not like the change and prefer the current standard of accessibility. As for me, I use Bitwarden anyway, so I'm indifferent to how Firefox handles Passwords in my everyday browsing, so for me it's how others use Firefox that matters most.

Copyright © 2024 Khoros, LLC