Why was this password login access lockwise feature disabled ?
This lockwise related feature requires one to enter a computer password/pin etc to be able to see saved login passwords. This is something I have always wished FF had (like every other browser does) but was always told that it is not necessary or is silly since it is not very secure or some other nonsense. But is is useful since it makes snooping difficult which is good enough.
Anyway, obviously FF has come around to this viewpoint... but after finding that without warning it is no longer functioning on my browser and resetting firefox and restarts and everything, I see on the page below "This feature will be disabled for both macOS and Windows in Firefox version 76 and 77. Mozilla is planning improvements to this feature in Firefox 78."
Bizarre since according to the article it starts working in version 76. Starts working in 76 but has been disabled in 76 (plus 77 for good measure).
What? My question is why was this disabled for what's likely to be a while and is there anyway to override it? Can I bring it back with a pref change? Thanks!
https://support.mozilla.org/en-US/kb/lockwise-password-authentication-prompt
Ændret af user2571841 den
Valgt løsning
Hello tomseys,
Would you try this please :
Type in the address bar about:config and press Enter.
(ignore the warning)
Type in the search bar and look for the preference :
signon.management.page.os-auth.enabled
Change its value to true.
Then close and restart Firefox.
Alle svar (5)
Valgt løsning
Hello tomseys,
Would you try this please :
Type in the address bar about:config and press Enter.
(ignore the warning)
Type in the search bar and look for the preference :
signon.management.page.os-auth.enabled
Change its value to true.
Then close and restart Firefox.
Yes, thank you so much McCoy. That works.
Hi,
4 month later we have reached FF version 80 and this feature is still disabled by default. Can anybody tell, what is the "good reason" that it should be used for testing only? Some security issues? Would be great to get it fixed. Using Lockwise with Windows Hello is just great.
But how useful/secure is this feature? With the signon.management.page.os-auth.enabled set to true, I am prompted for fingerprint/OS password to reveal the password on the "Logins and Passwords" page. However, I can navigate to one of the login pages for which a password is saved, e.g. BitBucket, have the password entered automatically, then click the "eye" icon in the password field and see the password in clear text.
Have I totally missed the point on this feature? I see no security layer when FireFox does not prompt for an OS password or other means of authentication at least once when using saved FireFox Lockwise passwords.