X
Tap here to go to the mobile version of the site.

Support Forum

firefox sync security enquiry

Posted

Good day.

I would like to know what security precautions Firefox uses on its sync capability.

I need utmost security to make sure my login and history data is not compromised as I have sensitive company and client login details that I sync.

Does firefox use good encryption standards such as SHA256/SHA512 etc?

Thank you

Good day. I would like to know what security precautions Firefox uses on its sync capability. I need utmost security to make sure my login and history data is not compromised as I have sensitive company and client login details that I sync. Does firefox use good encryption standards such as SHA256/SHA512 etc? Thank you

Chosen solution

hi Checkmate, the whole security architecture of the service is documented at https://github.com/mozilla/fxa-auth-server/wiki/onepw-protocol if you're interested in the technical details.

i'd say it's designed with security as the most important factor in all aspects - to the detriment of usability (we regularly get support requests from people who have forgotten their account passwords or access to their 2nd factor device without any saved recovery codes, but there's no possible way to have their data restored)...

Read this answer in context 1
Quote

Additional System Details

Installed Plug-ins

  • Shockwave Flash 32.0 r0

Application

  • User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0

More Information

philipp
  • Top 25 Contributor
  • Moderator
5282 solutions 23334 answers

Chosen Solution

hi Checkmate, the whole security architecture of the service is documented at https://github.com/mozilla/fxa-auth-server/wiki/onepw-protocol if you're interested in the technical details.

i'd say it's designed with security as the most important factor in all aspects - to the detriment of usability (we regularly get support requests from people who have forgotten their account passwords or access to their 2nd factor device without any saved recovery codes, but there's no possible way to have their data restored)...

hi Checkmate, the whole security architecture of the service is documented at https://github.com/mozilla/fxa-auth-server/wiki/onepw-protocol if you're interested in the technical details. i'd say it's designed with security as the most important factor in all aspects - to the detriment of usability (we regularly get support requests from people who have forgotten their account passwords or access to their 2nd factor device without any saved recovery codes, but there's no possible way to have their data restored)...
Was this helpful to you? 1
Quote

Question owner

Thanks a lot. Highly appreciated. As an aspiring cybersecurity professional I am very interested about what security precautions services use that I use on a daily basis.

Thanks a lot. Highly appreciated. As an aspiring cybersecurity professional I am very interested about what security precautions services use that I use on a daily basis.
Was this helpful to you?
Quote
Ask a question

You must log in to your account to reply to posts. Please start a new question, if you do not have an account yet.