shiftF12-web-de
Making moves
Status: New idea

I got hacked.

on the email provider website gmx.de
I assume it was a basic method by sneaking my cookies and finding out my stored password.

What I learned in the aftermath of this terrible experience of being hacked on multiple accounts at the same time, losing telegram account, amazon account and one email account,

is:
never store passwords in the browser

 

 

ok.

sounds simple

 

but you and i know:
IT IS SOOOOO CONVENIENT....

so

my idea is to let the user have security and still nearly the same ease of visiting a website and logging into it.

normally when you are asked for login name and password, you can store them in the browser.

name and password are stored.

if you don't store password, the browser asks you if you want to update the setting and stored data for this website, which is, in case you don't want to store password, quite annoying.

in case you want to store password, but not login, and you might have several accounts on the same page, you might get in trouble because, if you don't have a separate password for each account, you might not know which password is for which account, on top they are all shown behind stars, so... not readable.

and of course you should not have ONE password for all but a password for each account.

so.

my idea is the following.
to let the user have passwords stored, or login names, or both or both in a new way or only one, i would
kindly like to suggest the following change to preferences menu

user
do you want to store login names? yes / no
do you want to store passwords ? yes / no
if you want to store login names, shall the logins be shown in full length? yes / no
or shall only the first xxx letters be shown
or (if email addresses) first letter of name and @"first letter of domain" and. "tld"

so for
john@usa.com it would be J...@u...com
or do you want to exchange certain login names with aliases
if yes, please list the names and the aliases here
for example
show john@usa.com as "my normal email"
show johnfamily@usa.com as "familiylogin"
show johnseceretaccount@usa.com as "none of your business"
and so on

in case you want to store password, do you want to store full password
or shall we store password only first xxx letters?

in case you use a method that you have a standard password which you enhance with a certain addon letter(s) for different websites, shall we always insert your standard password?

if yes let me know your password here:

(warning: unsafe method!!)

 

 

this would be to let the user have more security and more comfort in organising his passwords and logins

while at the same time give hackers less chances to steal them

 

if not john@usa.com and "password"

is stored, but only "john standard login" and "empty" is stored,

the chance of being hacked is low.

 

the need to store at least login names is high,

especially when you have several login names on one page, you need the help of the menu with all your login names.

however, there could be aliases to make those secret,

and even if the password is stored for them, the login would still be safe

and, other way round, if you store login names in full length and detail but no password,

you still are able to type in your standard password

 

standard password however, could be typed in at the beginning of each session and not be stored in the files of firefox, but in the RAM for this session.

that would make it very difficult to read it out.

so when opening ff

or every day at 0700 ff would ask you if you would like to set your password for this session into RAM

and then be able to let it be set automatically every day

even if you change passwords every day, this could help you to make work easier

and not lose so many clicks on choosing ff questions on updating password / login storage.

 

i also learned that a fake website could tell firefox "hey i am amazon website, let me read your cookie"

things like this, the contact to a hacker phishing site, often happen through links in telegram, whatsapp, mail

and even if you don't type in anything and close at once when learning that it might be a phishing site, it's already too late.

therefore i would suggest, to give firefox a new feature

"when firefox is used by third party programs to open links"

so for example, you tell telegram that firefox is your standard browser, then firefox should HIDE all cookies from that tab or window to prevent being hacked this way.

and there should be a preference regarding the cookie readout

so that the user can decide:

when opening a tab or window, shall cookies be enabled or not?

shall cookies be enabled for certain websites?

list them here...

cookies disabled for certain websites?

if yes, list them here

 

like this the user would have much more security on browsing and using firefox as standard browser for other programs, too

i will, as long as there is no feature like this, tell telegram and whatsapp, to use EDGE as standard browser

because there i don't store anything.

so it's safe

 

 

so

these were my ideas for this topic of security.

thank you for reading up to here.

 

 

 

1 Comment
Status changed to: New idea
Jon
Community Manager

Thanks for submitting an idea to the Mozilla Connect community! Your idea is now open to votes (aka kudos) and comments.