Where did you install Firefox from? Help Mozilla uncover 3rd party websites that offer problematic Firefox installation by taking part in our campaign. There will be swag, and you'll be featured in our blog if you manage to report at least 10 valid reports!

Avatar for Username

Søg i Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Denne tråd blev arkiveret. Stil et nyt spørgsmål, hvis du har brug for hjælp.

What type of encryption does the built-in password manager use?

  • 1 svar
  • 1 har dette problem
  • 1 visning
  • Seneste svar af TyDraniu

ouranos196
ouranos196
more options

I've been trying to know how secure is the built-in password manager in Firefox. On the web, some say it uses SHA-256, others SHA-1 with one iteration (wich would be awful!!!). If it's not secure enough, I will use another password manager.

I've been trying to know how secure is the built-in password manager in Firefox. On the web, some say it uses SHA-256, others SHA-1 with one iteration (wich would be awful!!!). If it's not secure enough, I will use another password manager.

Valgt løsning

When using a master password, passwords are encrypted using Triple DES Encryption in CBC mode. This is OK.

The problem is, master password is encrypted using SHA-1 with 1 iteration. This is quite weak (see bug 524403).

You still can use another pass manager.

Læs dette svar i sammenhæng 👍 1

Alle svar (1)

TyDraniu
TyDraniu
  • Top 10 Contributor
more options

Valgt løsning

When using a master password, passwords are encrypted using Triple DES Encryption in CBC mode. This is OK.

The problem is, master password is encrypted using SHA-1 with 1 iteration. This is quite weak (see bug 524403).

You still can use another pass manager.

Ændret af TyDraniu den