- Mozilla Connect
- Ideas
- Require primary password to pre-fill forms
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
Currently: you can provide a primary password (formerly "master password") for the password manager. Firefox will not utilise stored passwords unless the primary password is provided when Firefox starts up. This is weak security in the event your PC is compromised by, for example, someone accessing it without your consent - because if you already have Firefox open, they will have access to all your stored passwords and/or can simply sign in to all the sites for which you have stored passwords.
Change request: make it so that at the time Firefox is about to pre-populate a login form (or other sensitive data), it requests the user to provide the primary password.
Options include:
* allowing the user to specify that they want this additional level of security i) for all stored passwords; ii) or, alternatively, for stored passwords they specify.
* allowing the user to specify that when they provide the primary password, Firefox will not request the primary password again for a specified period of time (eg. 5 minutes) even if the user is wanting to access a different stored password.
Compare: Dashlane's commercial password manager uses this approach.
- New idea 8,190
- Trending idea 65
- Needs more 1
- In review 12
- Exploring more 11
- In development 70
- Not right now 8
- Delivered 185
- Closed 23
