Firefox supportforum

Today, after browsing about whether or not I should continue using Firefox as my password manager, I decided to mitigate the most important security flaw in browser based password managers, by setting up a Primary Password. I choose to use an easy to remember 8 word long passphrase as my Primary Password. I noted down the passphrase in my diary. Due to problem while loading YouTube, I decided to restart Firefox by going to about:profiles and selecting "restart normally". This issue where Firefox starts to struggle connecting to internet is a relatively common occurrence on my Firefox install, and restarting Firefox fixes the issue. When Firefox restarted, I was prompted to enter the primary password. I confidently entered my passphrase, but it was rejected. I tried to typing to it more carefully several times. I got my diary and checked it to make sure I was entering the passphrase correctly. Following troubleshooting steps on a similar thread, I restarted firefox, no luck. I than rebooted my computer, issue persisted. I decided to restart Firefox with extensions disabled, and also in troubleshooting mode. Firefox still rejects my passphrase. I have my Firefox account synchronized with two Android phones. Will reinstalling Firefox and syncing with my Firefox account solve the problem? In a similar troubleshooting thread, renaming key4.db and logins.json is suggested. However, it has not been explained very clearly. My logins.json file was modified an hour before disaster, even though I had made no changes to any of my logins or the master password. Is my logins.json corrupted causing the issue? I will like to point out a design flaw in Firefox which might have caused the issue. I usually want to see what I am typing when I am entering an encryption password. This is to make sure that I don't mistype something. However, in Firefox Primary Password configuration window, there is not option to see what you are typing. Firefox relies on low probability of typing the wrong password twice. I don't think devs should be so worried about shoulder attacks to not even allow users option to view what they typing. My case might be that low probability situation where I made the same mistake while typing the passphrase twice.

Hello I'm referencing the topic where TLS 1.0 and 1.1 support was removed but rolled back to accommodate some government agencies / sites and support for COVID-19 data

https://support.mozilla.org/en-US/questions/1290040#:~:text=Mozilla%20and%20other%20browser%20makers,and%20performance%20of%20Internet%20connections.

Quoted answer "Right, support for TLS 1.0 and TLS 1.1 has been removed few months ago, but we reverted the change for an undetermined amount of time to better enable access to critical government sites sharing COVID19 information."

Since it was referenced as "undermined amount of time", is there anything currently on your roadmap/release schedule in regards to removing support again? I have some cutover decisions I need to make and knowing if ESR for example will remove this support in 2 months may effect the direction of those. If you have anything to share, i'd really appreciate it.

Regards,

-Chad

Hello!

I always use private browsing so I thought that my history was totally not being saved, but discovered recently that when I started to type within the search field, that many of my past searches were listed in the search field with the type highlighted in purple. I had to manually go in and delete all of these past searches. I don't want any search history to be saved. Is there a setting in preferences that I'm somehow missing? Why is Firefox saving these past searches if I have it set to Always Use Private Browsing?

Thank you!

I was surprised today to visit a site and notice the "permissions" icon appear at the left of the address bar, showing me that cross-site cookies were allowed for this site. I have Enhanced Tracking Protection set to "Strict", so obviously this was a worrying thing to happen.

Looking into it a bit further, it seems Firefox provides a backdoor for cross-site cookies: https://support.mozilla.org/en-US/kb/third-party-trackers?as=u&utm_source=inproduct#w_managing-cross-site-cookies

• "While cross-site cookies from trackers are blocked in Firefox by default, a site may signal to the browser that it needs to use them for important functionality. In this case, Firefox will allow a third-party website to use cross-site cookies the first five times (or up to 1% of the number of unique sites you visit in a session, whichever is larger) without prompting you. After that, Firefox will prompt you to block these cookies. Without your consent, Firefox blocks these cookies from that point because a site requesting access that many times may be a tracker."

This is most definitely not what I want!

I want every cross-site cookie to be blocked by default, unless and until I explicitly approve it. Is there an about:config preference I can set to achieve this?

Hello, Microsoft Defender did a scan tonight and apparently detected a trojan script, located in the folders for Firefox extensions for both profiles I use on my computer

Trojan description: Trojan:Script/Wacatac.B!ml

Files: C:\Users\[user]\AppData\Roaming\Mozilla\Firefox\Profiles\[default profile]\extensions\langpack-fr@firefox.mozilla.org.xpi C:\Users\[user]\AppData\Roaming\Mozilla\Firefox\Profiles\[second profile]\extensions\langpack-fr@firefox.mozilla.org.xpi

This scan happened at 9pm, and a previous scan at 6pm didn't show anything. When it detected the script, MS Defender contained it and apparently deleted it when it asked me to restart the computer, I then did a full offline scan and nothing else showed up, same with a full scan with the free version of Malwarebytes. I didn't do anything unusual between 6pm and 9pm, so I'd like to know if there's a way to determine whether that script was an actual threat (instead of a false alarm)? If so, any way to know how long it has been on my computer? Any further risks to take into consideration? Other steps to follow? Thanks for the help

Hi.

I need to print out my saved passwords. I have no cellphone to access, just my laptop and printer. I only use Firefox and no other browser. If my laptop gets hacked or breaks down, then I need to use someone else's computer to access my passwords in an emergency, and can't access my passwords to do so...so printing them out periodically is the smartest thing I can think of.

Help, anyone? This is pretty important to me. Thank you!

Hi,

I have installed Z-Scaler proxy root CA certificate in Firefox for enabling SSL inspection. It works fine for most websites, but for google.com and a few others I get every day a certificate invalid/not trusted error and I have to restart Firefox to get the error to go away. Any ideas of what I can do to improve this behaviour? Any configuration I missed?

It's very similar issue to https://support.mozilla.org/en-US/questions/1199797, except that when I restart Firefox it works.

Thanks in advance for your help

Hello, I can't access the home router. 192.168.1.1 results in "Secure Connection Failed" and nothing can be done. How can I solve the problem?

Please answer me at [email]@yahoo.com

Best regards, Ioana Udrea

I have a Netgear Readynas attached storage device. I am unable to connect to this device using Firefox. I encounter : Error code: SSL_ERROR_UNSUPPORTED_VERSION

It is not an dangerous site, it is my network storage device.

Is there a way to configure Firefox to connect to this device? Thanks for any help

Can't log into router. Works with Chrome and Edge 192.168.2.1

Tried this says in the router's Admin page: Access setting page via https://router.asus.com:8443 * Please use port 1024-65535. With and without :80 and :433

Tried everything I can find on this site and Google. Has worked for many years.

I don't have the option to see or edit my saved credit cards in firefox's settings, autofill still works but I can't make any changes to my cards. I went into about:config and made sure both of the below setting are set to true and they were and it's still not working, there are no settings to change the autofill

extensions.formautofill.creditCards.enabled extensions.formautofill.creditCards.available

Taking a look at the screenshot attached below you will see the librewolf browser which is a fork of firefox, blocks system font detection by default. How does librewolf do that? I hope by reading your reply i will be able to achive the same outcome with firefox. I'm also interested on how to block system local time readout/detection with firefox as i have so far not found a solution to this issue. As a privacy focused person i do not see any reason why any website would be interested in the timezone of my operatingsystem. This information is most likely not even necessary for functionality. From my knownledge the android browser named bromite (source: https://www.bromite.org/) does block timezone detection by default, since firefox is a privacy browser i fail to understand why this feature is not included to the settings tab.

PS: I'm not interested to making any suggestions anywhere, i want to modify firefox to block both system font and system timezone detection, any help is welcome...

i need set a default exception website for pop-up blocker settings fore every firefox install. or completely disable pop-up blocker settings as default.

what can i do for this purpose?

Hi,

No matter what I do, a google dialogue box encouraging me to use google for password management, pops up every time I go to a site, new or existant.

I've gone into my google account to disable such requests, and, indeed, otherwise use google for nothing....not even search............but they keep coming anyway.

am using ubuntu 20.04, and no other utility or code is giving me this trouble.

I want to stop this dialogue box and eliminate any code in firefox or ubuntu which supports it.....as I have no idea why this box showed up....one day it just started.

Many thanks!

oliver

I have 2-Step verification on Gmail. When I go to log in I get this: Insert your security Key into the USB. I cancel out of it and get this: Your phone can’t locate your device. Move your phone closer to the device where you’re signing in, and then try again. I "Try another way" and I try to get a "one-time security code" and it forwards me to a website where the cycle begins again. If I try "Auto-recovery" it sends me to google. I can access Gmail on the same machine via Chrome, but would rather not. I can also get it on Firefox on my phone.

I did recently turn on two-step and it asked if I wanted a key, and I thought it might mean Google Authentication, I think it meant a USB key.

Any thoughts? I rather not give up Firefox.

Hello,

I am a developer on an emergency intervention hotline for sexual assault.

Firefox is now throwing up psuedo-modal advertisements for it's VPN above pages. See attached screenshot for example.

It is absolutely IMPERATIVE that our visitors do not receive these new modal advertisements that Firefox is throwing at them. What can I do to prevent Firefox's new browser-hijacking advertisements from showing up on our hotline pages?

I experienced this on Twitter, and it 100% was not part of the dom. It also greyed out the tab bar, and prevented me from opening the menu with alt. I know how to make it not show up anymore on my machine, but how can I prevent it from appearing on visitors to my website, who are in some of the most vulnerable times of their life.

I have my Firefox Firefox Privacy & Security History settings set to 'Always Use Private Browsing Mode.' Yet every time I open Firefox and visit the History tab, 'Recently Closed Tabs' shows a history of the websites I've visited. How do I disable this feature?

Hi there! I am a long time Chrome user and decided to try Mozilla Firefox. I loved it and after a bit of tweaking, I run into a problem I can't deal with myself. In Chrome I loved auto fill options every time I needed the option for my home address, email address or credit card. In Firefox I just can't do it. The option is only available for Canada or SUA. Is there any way I can make it work? Of course, I looked for some add-ons and actually found several, but given the fact that auto-fill in my case deals with personal and sensitive data, I need a safer method. Is there any? Thank you!