Mozilla Connect

Thanks for submitting an idea to the Mozilla Connect community! Your idea is now open to votes (aka kudos) and comments.

It may not be "very easy" to guess a sufficiently sophisticated password, but it is true that it is abnormal, unnecessary and potentially dangerous to be able to do such a search.
As a matter of principle one should not have any information about a password that would make it easier to find by trial and error.

Seeing the length of the password (a frequent practice, not only in Firefox) is already questionable.

Besides, a precaution against indiscretion from someone sneakily viewing Firefox opened by a user who has momentarily stepped away would be to ask for the main password again when opening about:login, rather than when looking at a site password.

I currently use the search password feature to check for duplicate passwords. Removing this feature would break this use case, though in the future, once Firefox has password alerts for duplicated passwords implemented, this does not matter anymore

It is a manual step, but if you think someone is going to have physical access to your Firefox, you can "re-lock" your saved logins using this method:

• Click a Copy button or the "eye" icon for any password on the Passwords page
• Cancel the dialog instead of entering your Primary password

If you reload the page, it will now require your Primary password before displaying it.