Showing results for 
Show  only  | Search instead for 
Did you mean: 
Making moves
Status: New idea

This seems a security breach waiting to happen: the password search tool finds credentials by partial content of passwords.

Visually, it appears like showing and copying a password is guarded by entry of the master password. But quite clearly, the search lets us figure out whether or not someone is using a password at all.

This is a problem in situations where a user has logged into Firefox, already provided their master password, and walks away from their desk for a couple of minutes. (This happens regularly with many of my clients. People never lock their desktops. They'll even go home without locking their desktop, so maintenance personell has full access to their computers and networks.)

1 Comment
Status changed to: New idea
Community Manager
Community Manager

Thanks for submitting an idea to the Mozilla Connect community! Your idea is now open to votes (aka kudos) and comments.