This was obscurely mentioned a few days ago. Some people love the feature, some hate it. Are you someone who doesn’t use the password manager and hates seeing it popup and ask you if you want it to remember your password? If so, you’re in luck. Go into the options menu and select the “Security” tab. Then uncheck the “Remember passwords for sites” checkbox.
12 replies on “Firefox Tip: Disable Password Manager”
It’s a good idea to turn that off – the browser’s built in password manager is very unsafe. They’ve all been amply cracked.
For those who do use their browser’s password manager, you might consider turning it off. No worries, you can still recover your passwords from there: a href=”http://passpack.wordpress.com/2007/03/09/recover-your-passwords-from-your-browser/”> This article explains how
I run an online password manager, so that article contains a product plug. But regardless of whether or not you are interested in PassPack, it should be helpful anyway.
Sorry – I pasted in that link horribly. Here’s another go:
Tara, that’s not quite accurate…
The Firefox password manager uses 3DES to encrypt the passwords, and if you’re using a master password you’re secure. [Someone could steal your profile and try to brute force your master password, but if they can do that they can probably just install a keystroke sniffer or various other malware anyway.]
Firefox doesn’t require you to set a master password by default, which does mean that anyone with access to your browser’s configuration could access your passwords.
Thanks, “amply cracked” was probably too strong a choice of words. However, there was a ton of press surrounding the lack of security of Firefox’s password manager – was that related to people not using the master password?
I think the idea to simplify and promote the use of the master password would be a step in the right direction, but what about flat out requiring it?
Perhaps that would help protect against tools like FirePassword which is advertised as “The Firefox Username & Password List Decryptor”
I had a look at your blog – lots of exciting changes in the works, especially the porting from C to JS. Very cool.
Thanks for the Tip! I user Roboforms for managing passwords and other info, so Firefox’s pwd manager was superfluous and annoying.
I would prefer to be able to prevent the “login with” prompt for urls with inline auth
yes, thank you, firefox I know I’m logging in with a password, and yes it’s correct. arg
no mention of “@” in url and spoofing please. firefox needs an “not a moron” checkbox to disable the “protect moron user” “features”
yes I could not agree to protect the security of password ..
can also be done by inserting passwoed without the type (with so haker be difficult to identify what data it in writing) .. and can also be done by modifying the words used as a password ..
[…] http://robert.accettura.com/bl.....d-manager/ […]
hrelp – I did go to options and selected “Security” tab and “Unchecked the Remember passwords for sites”
but I am still being harassed by firefox “Network Password” pop=ups (I use XP and don’t comprehend computereze )
So far my only solution is to abandon Firefox and revert to Internet Explorer-
CAN we can do better than that –
OMG, duh! Thanks!
This is probably fine but I have been using Norton’s similar implementation for ages and don’t want to change. My point of writing is that I can’t turn this thing off! It is greyed-out in Tools > Options > Security and it is beginning to seriously annoy me with its continual popping-up when I don’t need it.