This thread was archived. Please ask a new question if you need help.
no longer have access to email. I was using ,y firefox account fine, but now after I log in you ask verification code which is sent to the old nonactive email.
I was using firefox sync account firstname.lastname@example.org just fine. that email was deleted for non-use. No verification procedure was laid out anywhere in the agreement. Then firefox modified the agreement and now sends verification codes to that email, which I no longer have access to. I am able to login in my account using the login and password , however firefox now wont allow me to change the email to the new one to receive verification code. I need access to my bookmarks and saved passwords NOW! Firefox had no rights to unilaterally change the agreement without notice to the customer. Firefox had no right to impose the verification email without letting the customer make sure his email can still recieve verification codes. Firefox failed to provide customer support because it doesnt even have a technical support email or phone number like a registered business should have. I lost access to my bookmarks and saved passwords because of negligence and reckleness of Firefox in failing to notify the customer to change the email to make sure the email can receive incoming emails and is current. I have the access to my firefox sync account, however it wont let me login without the verification code which is being sent to a nonactive email, used many years ago.
Suggested resolution: if you are a smart and relatively educated techncial support, you would realize that the same ip address would indicate that I am who I am and I should be allowed to change the email. However, firefox provided no technciall support and DID NOT EVEN HAVE A CONTACT EMAIL, while making significant profits from the customers and yet fails to provide technical support.
I need access to my bookmarks NOW!
To further clarify the verification process, it's very simple. You click to start the verification process. The Firefox Account system sends a randomly generated code to the email address that you have on your account. You enter the code that received in your email (or click the link in the email that has the code included) and the Firefox Account system compares that to the code that it sent to you. if it's correct, you're verified. If it's wrong or if you don't enter a code within the time limit, the code becomes invalid and you need to request a new code.
It has nothing to do with IP addresses or anything like that. In fact, you can enter the code or click the link from an entirely different computer if you want to. It's simply to verify that you have access to the email address on the account in order to prove that you are most likely the account owner.
Unfortunately, this discussion has gone on for far too long. There's nothing more that I can assist you with. I've provided you with all of the necessary information related to your problem.
I totally understand that losing your bookmarks and other data is frustrating. As much as I truly would like to help you, it's just not possible. Sorry.Read this answer in context 👍 0
All Replies (20)
Unfortunately, unless you have access to the email on the account, you're out of luck. See I've lost my Firefox Sync account information - What to do.
It's common knowledge that your account needs to be connected to a valid email address. This is the standard across the entire internet. Without a valid email address on the account, it's now impossible to prove you are indeed the account owner.
Your point about the IP addresses is invalid. You have forgotten a number of things. IP addresses can be changed and, in some cases, users may even share the same public IP address. Using that as a method of identity verification is not possible.
I didn't think to mention this when I first wrote my reply, so I will make an edit.
Whether or not you have access to your Firefox Account, that won't impact the data that has already been synced. Theoretically, if you have had a computer connected to Firefox Sync recently, you should already have a copy of your data (bookmarks, passwords, etc) on that system.
In that situation, it's just a matter of creating a new Firefox Account under a valid email address and then you will once again be able to sync your data.
Modified by Wesley Branton
I have both login and password which are both valid. So everything you wrote is entirely invalid. I am presumed to be the valid owner of the account with the login and password that allows me to login. The problem is now email verification is required. Your company should have allowed the user to change the email. So everything you wrote defeats common sense. Especially that my ip was the same with the history of visits. So makes no sense what you wrote What response do you have about the fact that Firefox has no dedicated email address for technical support?
Knowing the email address and password associated with an account does not mean that you are presumed to be the valid account owner. Login details can easily be guessed. Since your Firefox Account contains sensitive information, like your saved passwords, it's important to be absolutely sure that you are the account owner before allowing you to sync your data.
For example, if someone was able to guess your password (or find it in 1 of the hundreds of data breaches that occur each year on websites across the internet) and Firefox automatically assumed them to be the valid account owner, they can sync your data to their browser. Then, they have access to every saved password and login that you have in Firefox. That would be very bad.
As for the IP address situation, it may not necessarily be the same. Most internet providers will periodically change your IP address. In some cases, even just losing the power on your router/modem will force it to reconnect and it will get assigned a new IP address. So, again, an IP address is not a valid way to prove your identity.
You are indeed allowed to change your email address associated with your Firefox Account. The problem is that you need to verify that you are the account owner via the Firefox Account verification process before you will be able to do so.
In some cases, users have been able to login to their account at accounts.firefox.com, instead of through the Firefox Sync window, using their login and password only. However, you may still be asked to verify the account. It's worth a try though.
Firefox is a community driven project. Support is provided by a number of volunteers (like myself) who are working to make the internet a better place.
I am perfectly able to login though accounts.firefox.com THERE IS NO OPTION TO CHANGE MY PRIMARY EMAIL. If your software developers were thoughtful enough to forsee such a possibility that a primary email might get outdated, this would have been added. In fact you as software developer should add THIS OPTION AS SOON AS POSSIBLE. Or maybe you would like to perform a retina scan along with maybe my fingerprints? Wouldn't that be a nice idea for your company to store about your users if authenticity is such a concern as you claim it is? Find it a bit hypocritical?
Perfect! If you can login on that website, you will likely be able to change the email address without issue.
What you need to do is add a new email address as your secondary email for the account. Once you are able to verify that new email address, you will then be able to make that new email the primary one. The previous one that's outdated should then be downgraded to your secondary email address and you can remove it from the account.
Hope this helps.
This is all wrong. When you try to edit the secondary email HERE IS WHAT IT SAYS:
NOTE: Before you can view or make changes to this section, you will need to verify your email address.
Quote: it asks to verify the PRIMARY EMAIL!!!!
In that case, unless you still have access to the primary email address, you will not be able to recover the account. No one will be able to help you bypass the verification process.
You are exhibiting obvious signs of complete misunderstanding of the term bypass something, and TO GET MY STUFF BACK. You are profiting as a licensed business from users and yet fail to open a technical support line to allow the user to recover their account 1. when they have full access to their account 2. use the same location when they login. 3. most likely same browser fingerprints and all the other stuff, that you apparently had no problem storing about me...yet claiming privacy of that data.
You are obviously trying to show that firefox is in to protect my privacy where in fact you are complicating things for users that shouldnt be complicated. In fact you are refusing to recover my data, whereas you know that it is mine with almost 0 doubt. And you are refusing that not because of the privacy concerns but because of simple lack of technical knowledge. Every respected company allows its users to recover access without verification email to the primary email when they can perfectly login to their account.
Again, what you fail to understand is once i am logged in from the same address and location, that you company has no problem storing, I am presumed to be the owner of this account and I should be able to change my primary email address and have the verification email sent there. Does this logic seem obvious to you?
would you like me to remind you that your so called "experienced software developers" caused all addons to go offline some time ago? and then turning back saying: oh, we are just a community project....
Firstly, Mozilla is a non-profit company. Mozilla does not profit from users. Mozilla does have employees working in select departments (since you can't really turn over control of secure aspects of Mozilla-related projects to an open community), but much of the projects are community driven.
I've already explained why your IP address cannot be used as valid verification of your identity. It can change. It can be faked. I could change my IP address to match yours, but that doesn't mean that I'm you. An IP address is public information, so it's not exactly difficult for a person to see.
Unfortunately, it's the user's responsibility to ensure that their account is connected to a valid email address. If you are no longer connected to a valid email address on your account, you will not be able to complete the verification process. Therefore, the account is non-recoverable.
No legitimate company will recover an account for you without some form of verification. For example, if you lose the email address associated to your Facebook account, you would need to provide the phone number on your account or a form of valid ID. It's the same with Google; It's the same with Reddit; It's the same with all legitimately run websites.
Since you no longer have access to the email address on your account, you will not be able to recover the account. No one at Mozilla will be able to recover the account for you. Sadly, you will need to make a new account under your new email address.
Modified by Wesley Branton
But do you even understand that I never lost access to my account? That I am able to login???! Are we speaking different languages??? Can any reasonable person in this forum read what I am talking about and to at least relatively understand???? That I can login !!!! but can’t change the primary address ? Because of ??? Firefox deciding to send verification anew after the update...?
Yes, I understand that you are able to log into the account. However, you are not able to complete the mandatory verification process because you do not have a valid email address attached to your account.
Because you cannot complete the mandatory verification process, you only have limited access to your account. You are not able to make certain changes to your account (change primary email, etc) or use certain features (Firefox Sync, etc) if you cannot complete the required verification process.
Incorrect!!! This account was verified and used many times!!! The verification message was the initiative of Firefox.
Again the account was verified and used
I repeat, Firefox engaged in haphazard verification of the primary emails of verified accounts. I assume by selectively picking users. You are an open source project, show your users and the community what discriminatory measures you impose to double verify primary email addresses of already verified accounts? Show us the software code? So we know what kind of users you discriminate against
The verification process completed when you registered the account differs from the verification process that you need to complete in order to access secured areas of your account.
There are instances were Firefox may ask you to verify that you are who you say you are and not someone who guessed login details. For example, you will always be asked to complete the verification process when you sign into Firefox Sync on a new device.
This is one of those cases where you would need to complete the verification process. Unfortunately, there is no alternative.
Modified by Wesley Branton
Do you understand that when someone is guessing a password there would be at least one or two incorrect attempts to login which you system would store? Not only you are contradicting yourself but you are also exhibiting serious signs that there is something that you hide form your users as an open source project.
And do you find it even more outrageous that with all the money your corporation is making from its users, to discuss my private concern I have to create a public forum topic??? Is this truly a company that cares about its users privacy??? What a hypocrisy!
I believe if your company can’t provide knowledgeable and user friendly technical support on the issues of their customers, that company should abandon that business all together, our market is in so much need of carpenters and painters. Software development isn’t everyone thing.
To clarify, "guessing a password" doesn't necessarily mean making multiple attempts at the login page until they get it right. In fact, many stolen passwords come from lists that can be purchased by attackers online.
For example, if you have an account on Company A, your login information is stored on Company A's system. What often happens in the technology industry are data breaches. This is when attackers manage to download a copy of the account information for a large portion of users.
Assuming hackers manage to break into Company A's system, they can download a copy of passwords for a lot of users. These passwords are usually the hashed version of the user passwords. In simple terms, the password the user enters is run through a complicated mathematical formula to produce what looks to the be random text. That's what's saved to Company A's system.
When you log in, the system takes the password that you enter, runs it through the same math formula and compares the result to what's saved in their system for your account. If it matches, they will let you in.
If hackers have access to that hashed password list, they can make unlimited guesses using their own automated systems. They will essentially try a variety of techniques to attempt to guess the right password. They will just run their guess through the same math formula and repeat until they get something that matches what they see on the list they stole.
The reason this is a problem is that many users online do something called "password recycling". It's the bad practice of using the same password on multiple accounts.
The reason this is an issue is that attackers can take the email address and known password they stole from Company A and attempt to login with the same information on Company B. It's not always successful, but if a user shares the same password for both accounts, that means the attackers now have access to both accounts.
And because the actual guessing of the passwords is done entirely on their own computers, the attackers don't need to make multiple guesses on a login page, so it can look just like a regular user logging in. If the website gets suspicious, they just change their IP address and now they just appear as a new device.
All that above is not to mention the relatively simple alternative methods that attackers can use to get the login information for your account. For example, installing a virus on your computer that uses a keylogger to track every key that you press on your keyboard.
As unlikely as it may seem, it happens... a lot. According to statistics, more than 2.5 billion accounts on the internet were hacked in 2018. More than 20% of internet users get hacked. It's an unfortunate reality of the internet.
This is why identity verification is very important when it comes to accessing sensitive data. This is why you won't be able to fully access the secured parts of your Firefox Account unless you are able to complete the verification process.
A privacy centered browser is talking about identity verification. This is getting so interesting. Is this is the official position of the company?