Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

This thread was archived. Please ask a new question if you need help.

Firefox Android - No Authentication required to fill user credentials

Mistful
Mistful
more options

Hi,

I am an avid user of Firefox on Windows/Linux/Android. The password saving/auto-filling works great on my Windows and Linux devices. I like that the master password allows me to authenticate before any user credentials are filled in. I did however notice that on my Android Phone, there's no way to force authentication when filling in user credentials. I consider this a great privacy risk, considering that if anyone were to get access to my phone, they would without any hassle get access to a bunch of my accounts. I checked in the settings, and I cannot find a setting for it anywhere.

I am running the latest version of Firefox from Google Play. Firefox version: 84.1.4 (Build #2015785883) Phone: Samsung S10 running Android 10

Thank you.

Hi, I am an avid user of Firefox on Windows/Linux/Android. The password saving/auto-filling works great on my Windows and Linux devices. I like that the master password allows me to authenticate before any user credentials are filled in. I did however notice that on my Android Phone, there's no way to force authentication when filling in user credentials. I consider this a great privacy risk, considering that if anyone were to get access to my phone, they would without any hassle get access to a bunch of my accounts. I checked in the settings, and I cannot find a setting for it anywhere. I am running the latest version of Firefox from Google Play. Firefox version: 84.1.4 (Build #2015785883) Phone: Samsung S10 running Android 10 Thank you.

Chosen solution

I think the idea of the current design is that the thief would only see •••••• and not the actual password text. When attempting to view the text, they'll need to enter your device PIN or whatever other way you've secured your device.

There probably is a way to use debugging to bypass this limited protection, so it certainly would be preferable to have a strong password to unlock the password manager as we have on desktop.

There is a feature request for this on file over here:

https://github.com/mozilla-mobile/fenix/issues/14428

I can't tell whether work is being done on it (I don't know Github that well).

Read this answer in context 👍 1

All Replies (1)

jscher2000 - Support Volunteer
jscher2000 - Support Volunteer
  • Top 10 Contributor
more options

Chosen Solution

I think the idea of the current design is that the thief would only see •••••• and not the actual password text. When attempting to view the text, they'll need to enter your device PIN or whatever other way you've secured your device.

There probably is a way to use debugging to bypass this limited protection, so it certainly would be preferable to have a strong password to unlock the password manager as we have on desktop.

There is a feature request for this on file over here:

https://github.com/mozilla-mobile/fenix/issues/14428

I can't tell whether work is being done on it (I don't know Github that well).