Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

how secure is my passwords over other apps in system

  • 3 replies
  • 2 have this problem
  • 23 views
  • Last reply by ReZzA

more options

Hello mozilla support. Firstly I apologize for my english. I love Firefox and using him for many years this time i run on 64bit version number 88.0. I recently discover problem with my saved passwords in Firefox and i mean this broke my or everyone privacy using feature of saving passwords by Firefox. After some time past installation of antivirus program Avast on my desktop PC i was surprised with new installed program on my desktop named Avast Secure Browser. I ran this program first time and without any his any question he show up in front of meon desktop. I discover in his settings that all my passwords saved in Firefox was succesfully decrypted because when i click on the eye icon my password was showed up as he is in firefox. Then i search for a file in my user profile where the Avast Secure Browser has my passwords stored and then check this file on all other user profiles on my PC where nobody not even once run this Avast Secure Browser but all passwords was already prepared for them in that file on all user accounts without any grant or approval by other users during their work on PC. I am only man which administrate this PC and I dont allow Avast Secure Browser stole my passwords from Firefox. My questions is obvious. How secure is for any user which stored their passwords in Firefox before any other system application like antivirus installed on PC with platform windows? How is possible for any app simply decrypt my passwords from logins.json file? For me it is a very bad if this was allowed through maybe some function in Firefox API that can some program use, but i am not an expert on Firefox a that is why i wrote this. If a problem is Avast which use some not good practise in this app, then i immediately send him feedback. But firstly i want answer from your team.

Chosen solution

mbagin24 said

Hello mozilla support. Firstly I apologize for my english. I love Firefox and using him for many years this time i run on 64bit version number 88.0. I recently discover problem with my saved passwords in Firefox and i mean this broke my or everyone privacy using feature of saving passwords by Firefox. After some time past installation of antivirus program Avast on my desktop PC i was surprised with new installed program on my desktop named Avast Secure Browser. I ran this program first time and without any his any question he show up in front of meon desktop. I discover in his settings that all my passwords saved in Firefox was succesfully decrypted because when i click on the eye icon my password was showed up as he is in firefox. Then i search for a file in my user profile where the Avast Secure Browser has my passwords stored and then check this file on all other user profiles on my PC where nobody not even once run this Avast Secure Browser but all passwords was already prepared for them in that file on all user accounts without any grant or approval by other users during their work on PC. I am only man which administrate this PC and I dont allow Avast Secure Browser stole my passwords from Firefox. My questions is obvious. How secure is for any user which stored their passwords in Firefox before any other system application like antivirus installed on PC with platform windows? How is possible for any app simply decrypt my passwords from logins.json file? For me it is a very bad if this was allowed through maybe some function in Firefox API that can some program use, but i am not an expert on Firefox a that is why i wrote this. If a problem is Avast which use some not good practise in this app, then i immediately send him feedback. But firstly i want answer from your team.

This was the first thing that came into my mind after watching Brave import all my passwords from Firefox with no effort. And apparently Firefox and Internet Explorer are the only browsers that have this level of privacy.

Read this answer in context 👍 0

All Replies (3)

more options

Other applications can inspect and import your Firefox login data (usernames and passwords) if you do not use a Primary Password to add an extra encryption level.

Helpful?

more options

Thank you for your answer. I know about primary password and this simply means that if any user dont setup primary password then he expose for other apps maybe legal or illegal all his very sensitive personal information. Very few people in my community is interested about primary password because it is next obstacle in their digital lives and I think this is not good solution if you interested about security. Why do you keep opened this security window for tons of people in the world and why you cannot simply close this API possibilities for other apps. If it is so hard then Firefox is not good for me or anyone in my community. If it is not so hard then you give people reallly next level of security and then your interest will be transparent and you will have more followers. Dont tell my because someone big has interest with some provission for your team let this thing open because if you have really interest about internet security you can at least inform people with big letters so that never save password in Firefox without master password.

Helpful?

more options

Chosen Solution

mbagin24 said

Hello mozilla support. Firstly I apologize for my english. I love Firefox and using him for many years this time i run on 64bit version number 88.0. I recently discover problem with my saved passwords in Firefox and i mean this broke my or everyone privacy using feature of saving passwords by Firefox. After some time past installation of antivirus program Avast on my desktop PC i was surprised with new installed program on my desktop named Avast Secure Browser. I ran this program first time and without any his any question he show up in front of meon desktop. I discover in his settings that all my passwords saved in Firefox was succesfully decrypted because when i click on the eye icon my password was showed up as he is in firefox. Then i search for a file in my user profile where the Avast Secure Browser has my passwords stored and then check this file on all other user profiles on my PC where nobody not even once run this Avast Secure Browser but all passwords was already prepared for them in that file on all user accounts without any grant or approval by other users during their work on PC. I am only man which administrate this PC and I dont allow Avast Secure Browser stole my passwords from Firefox. My questions is obvious. How secure is for any user which stored their passwords in Firefox before any other system application like antivirus installed on PC with platform windows? How is possible for any app simply decrypt my passwords from logins.json file? For me it is a very bad if this was allowed through maybe some function in Firefox API that can some program use, but i am not an expert on Firefox a that is why i wrote this. If a problem is Avast which use some not good practise in this app, then i immediately send him feedback. But firstly i want answer from your team.

This was the first thing that came into my mind after watching Brave import all my passwords from Firefox with no effort. And apparently Firefox and Internet Explorer are the only browsers that have this level of privacy.

Helpful?

Ask a question

You must log in to your account to reply to posts. Please start a new question, if you do not have an account yet.