Hilfe durchsuchen

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Is it possible to change the LOCATION of stored passwords?

  • 7 Antworten
  • 1 hat dieses Problem
  • 207 Aufrufe
  • Letzte Antwort von cor-el

more options

I would like Firefox to store my passwords, but I dislike that anyone can just open up the browser to find all of my data. Yes, I have a master password, but I know it's not difficult for anyone to go into the data files and decrypt the password files.

What I would like to do: 1. Relocate the key3.db and logins.json files to a flash drive. Or the entire profile if absolutely necessary 2. Change where Firefox pulls passwords from to my flashdrive 3. Ultimately it will only be able to remember my passwords if my flashdrive is plugged in

For a quick Q+A: 1. Would I need to relocate just the two files, mentioned above, or the entire profile folder? 2. What file directs Firefox to the current password location, to the AppData folder? Can I/what do I need to change this? 3. Is this at all possible?

I'm currently using Firefox 37.0.2, running on Windows 7. I'm not well versed on technical jargon, but I'm reasonably competent. Please let me know if more information is needed.

Ausgewählte Lösung

While it's possible to relocate your passwords, it's difficult (and note, this is only a concern if someone has access to your computer, in which case they would be more likely to use a keylogger and gather all your keystrokes that way, so you'll have bigger concerns).

If you are very concerned about this, then I'd suggest using something like lastpass, which stores your passwords in an encrypted database in the cloud and only pulls them down when you log in.

Diese Antwort im Kontext lesen 👍 1

Alle Antworten (7)

more options

Ausgewählte Lösung

While it's possible to relocate your passwords, it's difficult (and note, this is only a concern if someone has access to your computer, in which case they would be more likely to use a keylogger and gather all your keystrokes that way, so you'll have bigger concerns).

If you are very concerned about this, then I'd suggest using something like lastpass, which stores your passwords in an encrypted database in the cloud and only pulls them down when you log in.

more options

Thanks Tyler.

I'm aware of the keylogging issue but.. I'm not very good with computer security and this seemed the easiest thing I can do to help protect myself. (and while not losing passwords hah)

I actually looked further into Keepass (the database I'm using) after I posted my question and found an extension for Firefox. I tried it before and it didn't work, but apparently it hadn't installed right!

For any of those who may have similar issues: I had to manually copy the plugin file from the Firefox folder to my Keepass installation folder on my flashdrive. I also had to make a folder FOR that file, simply named "plugins". Once it synced up, it started working.

However I'm still unsure whether firefox is storing any data when I log in with Keepass.

more options

Just a note, this doesn't really increase your security except in the case that someone comes into your house and sits down in front of your computer. That's the only real case that you need to be concerned about (or if you let someone have remote access over your computer).

The better things that you can do to increase security are:

  • Keep Firefox up to date
  • Keep plugins such as Flash and Java up to date (or remove them if you don't use them)
  • Keep your operating system up to date (Make sure you check the Recommended updates, you might have a graphics driver update in there you should install)
  • Have a reputable anti-virus (for you I would suggest Microsoft Security Essentials) and run regular scans
  • Update to windows 10 when it comes out this Summer for increased security (If you update in the first year it's free!)
  • Don't install or download untrusted things from the internet
more options

I've had two laptops stolen in two different cities and I'm just constantly in fear that it will happen again and someone will have access to the passwords I use.

I do keep everything updated as much as possible, though it is difficult on my work computer. I can't update Windows manually, it's purely up to our HQ.

Thank you for the advice though, I'll look into Win10!

more options

If you are running windows 7 ultimate or enterprise, maybe look into Bitlocker, http://windows.microsoft.com/en-US/windows7/products/features/bitlocker which will encrypt your entire hard drive, making it next to impossible for someone to access it without your security key (this protects not just your Firefox files, but everything on your hard drive.

There are other encryption methods as well that you can use, this is just built into Windows for certain versions.

more options

I'll look into that, thank you again!

more options

You can't decrypt the passwords stored in the logins.json file unless you know the MP or have a weak MP that can easily be guessed or found via a dictionary look up. The domain URL (host) is not encrypted, but the names and passwords are. Without a MP you would only have to copy the key3.db and logins.json file to another Firefox profile folder.

You can log out from the Software Security Device (e.g. click Cancel in the Show Passwords dialog) to protect the passwords against viewing and force having to re-enter the MP again.