This thread was archived. Please ask a new question if you need help.
If someone steal files that contain master password and website username&password ....
can he/she decrypt those files and get my website user name and password??
All Replies (10)
It depends on the strength of the master password.
There are programs available to crack passwords, a common method used is either brute force or dictionary attacks. If you have a weak master password, such as a word, password cracking applications will probably be able to crack the master password, giving somebody access to your other passwords. If you use a strong master password that contains a mixture of upper and lower case letters, numbers and other characters, it will be very difficult to crack, and will likely take a prohibitively long time.
OK. Are those files signons.sqlite and key3.db ??
The passwords are stored in signons.sqlite, key3.db is used to encrypt/decrypt the passwords. Those 2 files need to remain together.
Do they contain websites addresses?
signons.sqlite contains the web address, username and password.
Only the user name and password are encrypted. The website URL is in plain text in signons.sqlite.
Is encryption strong?
Does Mozilla website have an article about Firefox encryption method???