Showing results for 
Show  only  | Search instead for 
Did you mean: 
New member
Status: New idea

Having a primary password which protects access to stored password is great. It would be great if firefox could be configured to re-request the primary password every so often, to reduce the impact of (OS login) session hijacking. Given the prevalence to sleep/hibernate PCs a firefox process may last for several days or possibly weeks, meaning that access to use the stored logins lasts that long too. It would be great if that duration could be limited without needing to cycle the firefox process.

There already seems to be something like this for accessing the raw credentials on `about:logins` -- the first time you click to see a password you're prompted for the primary password, but if you click to see another right away then you're not asked again. Yet you are asked again if you try to do this a bit later on (I'm not sure what the delay is).

A default (maybe 4 hours?) would likely work for most users, though being able to customise the duration (even just via `about:config`) would be great for those who want more control over their security posture.

1 Comment
Status changed to: New idea
Community Manager
Community Manager

Thanks for submitting an idea to the Mozilla Connect community! Your idea is now open to votes (aka kudos) and comments.