« White Glove Tracking
Firefox Tip: Remove Addons »

Firefox Tip: Disable Password Manager

This was obscurely mentioned a few days ago. Some people love the feature, some hate it. Are you someone who doesn’t use the password manager and hates seeing it popup and ask you if you want it to remember your password? If so, you’re in luck. Go into the options menu and select the “Security” tab. Then uncheck the “Remember passwords for sites” checkbox.

Tags: , , ,


May 7th, 2007 at 10:22 pm | Posted in Firefox Tips, Mozilla

Related Posts


4 Responses to “Firefox Tip: Disable Password Manager”

  1. Tara (PassPack) Says:
    May 18th, 2007 at 6:14 am

    It’s a good idea to turn that off - the browser’s built in password manager is very unsafe. They’ve all been amply cracked.

    For those who do use their browser’s password manager, you might consider turning it off. No worries, you can still recover your passwords from there: a href=”http://passpack.wordpress.com/2007/03/09/recover-your-passwords-from-your-browser/”> This article explains how

    I run an online password manager, so that article contains a product plug. But regardless of whether or not you are interested in PassPack, it should be helpful anyway.

    Cheers,
    Tara Kelly

  2. Tara (PassPack) Says:
    May 18th, 2007 at 6:15 am

    Sorry - I pasted in that link horribly. Here’s another go:
    http://passpack.wordpress.com/.....r-browser/

  3. Justin Dolske Says:
    May 24th, 2007 at 9:12 pm

    Tara, that’s not quite accurate…

    The Firefox password manager uses 3DES to encrypt the passwords, and if you’re using a master password you’re secure. [Someone could steal your profile and try to brute force your master password, but if they can do that they can probably just install a keystroke sniffer or various other malware anyway.]

    Firefox doesn’t require you to set a master password by default, which does mean that anyone with access to your browser’s configuration could access your passwords.

  4. Tara (PassPack) Says:
    May 31st, 2007 at 5:15 am

    @Justin
    Thanks, “amply cracked” was probably too strong a choice of words. However, there was a ton of press surrounding the lack of security of Firefox’s password manager - was that related to people not using the master password?

    I think the idea to simplify and promote the use of the master password would be a step in the right direction, but what about flat out requiring it?

    Perhaps that would help protect against tools like FirePassword which is advertised as “The Firefox Username & Password List Decryptor”

    I had a look at your blog - lots of exciting changes in the works, especially the porting from C to JS. Very cool.

    Cheers,
    Tara

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

By submitting a comment here you grant this site a perpetual license to reproduce your words and name/web site in attribution.