Hi vicrussell, on your Mac, Firefox saves your logins in a local file and encrypts them using a locally stored key. Anyone who gets their hands on both of those files can decrypt your saved logins. This is how it has always been, before and after the Lockwise name was introduced. To secure the local data, you can use the Master Password feature: [[Use a Master Password to protect stored logins and passwords]]. This is a purely local password and does not sync. When Firefox Sync shares data between your different Firefox installations or with the Lockwise mobile app, the data is encrypted with your Sync key so it is secure from end to end between the local files. You mentioned: <blockquote>I just received a breach alert as I was signing into an account and the "Firefox Lockwise" dialogue box pop up for the first time ever. It referenced a site breach of a site that I rearly use and it was in 2018 the last time I even used it. </blockquote> Mozilla has partnered with the website "have i been pwned?" to provide alerts through the Firefox Monitor service. To learn more about the type of breach the site suffered, you can check either: * https://monitor.firefox.com/ * https://haveibeenpwned.com/ If your account on that site contains sensitive data -- for example, security answers you use on multiple sites, payment methods, personal information -- or would offer the ability to impersonate you on public sites, then you probably want to securely update your login and consider whether the leak affects any of your credentials around the web. If your account on that site was a throwaway and you don't care if you were to lose control of it, then no rush.