X
Tap here to go to the mobile version of the site.

Support Forum

What's the point of Sync if I cannot load data until I register device?

Posted

I don't understand what SYNC is useful for if I cannot retrieve the data I uploaded to the server if I simply reset my browser. This happens often in Nightly (especially since this new australis/28.0a1 is so buggy since it's basically chrome UI ontop of gecko instead of chromium) because it is a test/alpha build and often requires a reset once the add-ons tested become obsolete/incompatible due to update.

If I have mobile firefox, and I synced ALL my data to a server, using a secure connection, after entering a password when prompted, WHY MUST I HAVE ANOTHER DEVICE PAIRED TO ACCESS MY OWN DATA?

This makes no sense since the purpose of sync is to backup and maintain the data. However, if you happen to have only one device that uses sync, as of right now, you cannot download and use the data uploaded earlier. OR, if you have a paired device but something happens to it as well. Often, this could be a buggy nightly build or you simply moved the browser from mobile built-in memory to SD card. Then, your mobile isn't synced, and your PC isn't synced either. You have the password, you have the same computer and mobile, you have the same e-mail... BUT NO, you must have a 3rd pr 4th device that is still paired or else it is useless!

I don't understand what SYNC is useful for if I cannot retrieve the data I uploaded to the server if I simply reset my browser. This happens often in Nightly (especially since this new australis/28.0a1 is so buggy since it's basically chrome UI ontop of gecko instead of chromium) because it is a test/alpha build and often requires a reset once the add-ons tested become obsolete/incompatible due to update. If I have mobile firefox, and I synced ALL my data to a server, using a secure connection, after entering a password when prompted, WHY MUST I HAVE ANOTHER DEVICE PAIRED TO ACCESS MY OWN DATA? This makes no sense since the purpose of sync is to backup and maintain the data. However, if you happen to have only one device that uses sync, as of right now, you cannot download and use the data uploaded earlier. OR, if you have a paired device but something happens to it as well. Often, this could be a buggy nightly build or you simply moved the browser from mobile built-in memory to SD card. Then, your mobile isn't synced, and your PC isn't synced either. You have the password, you have the same computer and mobile, you have the same e-mail... BUT NO, you must have a 3rd pr 4th device that is still paired or else it is useless!

Chosen solution

You would have to copy the signons.sqlite and key3.db files (temporarily) to an existing or new Firefox profile and look in the Password Manager for the sync key.

You can find the sync account password and the sync (recovery) key in the password manager on computers where a sync account with a specific e-mail address has been set up.

Look for:

  • chrome://weave (Mozilla Services Password)
  • chrome://weave (Mozilla Services Encryption Passphrase)
Read this answer in context 4
philipp
  • Top 10 Contributor
  • Moderator
3164 solutions 14652 answers

hello jeois, firefox sync is not primarily designed as a backup service but to keep multiple devices on the same level (therefore the name firefox sync).

in order to access the data in your sync account you'd need three components: the username, the password & the recovery key generated during the original setup of the account (you're prompted to print it/save it/write it down while setting it up). in case you have all those three pieces of information available, you can go to firefox > options > sync > set-up sync > i have an account > i don't have the device with me in order to link firefox to your account.

hello jeois, firefox sync is not primarily designed as a backup service but to keep multiple devices on the same level (therefore the name firefox sync). in order to access the data in your sync account you'd need three components: the '''username''', the '''password '''& the '''recovery key''' generated during the original setup of the account (you're prompted to print it/save it/write it down while setting it up). in case you have all those three pieces of information available, you can go to ''firefox > options > sync > set-up sync > i have an account > i don't have the device with me'' in order to link firefox to your account.
cor-el
  • Top 10 Contributor
  • Moderator
12902 solutions 118344 answers

See also the posts by the OP in this thread:

See also the posts by the OP in this thread: *[[/questions/969334]]

Question owner

Look, of course, we can use local profile backup to save the data.

However, the way other applications have it configured, you can also use their sync to share data between computers or devices WITHOUT such a complicated pairing mechanism... so tedious to the point that it is usually USELESS because of scenarios like I just mentioned:

  1. 1) You reset your browser on PC.
  2. 2) Your mobile (which memory is sketchy anyways) loses sync also (sometimes mine loses it for some reason because of VPN or other connection issues; other times due to updates; other times moving data from card to mobile memory and vice versa)
  3. 3) No choice but to delete and start over! No way to access data uploaded.
  4. 4) Website for sync only allows you to delete data or reset password. VERY limited function. (e.g.) You can do this by pressing 1 or something sent to a service bot.

What do you do with the data that is on the server? Is it not still useful information? I have the password, I have a (supposedly) secure connection through the browser, and I have an e-mail account to verify. Why must I go pair another device only to find my data has already been deleted? (recovery key mechanism is misleading!) IF I was prompted to save the recovery key during the original setup, then I should have it saved somewhere on my harddrive and/or online storage. I've been looking for it all day, and all the support pages for this topic seem to indicate that this recovery key is generated at the time of original sync config, but the methods of retrieving it involves going to the "manage sync" prefpage that I cannot access anymore since I lost sync which is what my problem is in the first place.

This seems ridiculous because now the only way to access that data is if I had another device paired to the same sync account. I did at one point have SYNC installed on my mobile phone running Android. However, as I updated from Firefox beta to Nightly and re-downgraded it back to Firefox main release, somehow I lost the sync. Or, I could have lost the sync by moving the app from builtin memory to SD card.

In any case, I think this pairing and recovery mechanism is needlessly complicated. Mozilla makes the UI look more and more like Chrome, which I disagree with, since the unique GUI is one of the main reasons I use Firefox as my primary browser. But, when it comes to the sync function and how google handles the uploaded data, in my opinion, it is MUCH more intuitive and actually makes sense in respect of both reliability and security.

Look, of course, we can use local profile backup to save the data. However, the way other applications have it configured, you can also use their sync to share data between computers or devices WITHOUT such a complicated pairing mechanism... so tedious to the point that it is usually USELESS because of scenarios like I just mentioned: # 1) You reset your browser on PC. # 2) Your mobile (which memory is sketchy anyways) loses sync also (sometimes mine loses it for some reason because of VPN or other connection issues; other times due to updates; other times moving data from card to mobile memory and vice versa) # 3) No choice but to delete and start over! No way to access data uploaded. # 4) Website for sync only allows you to delete data or reset password. VERY limited function. (e.g.) You can do this by pressing 1 or something sent to a service bot. What do you do with the data that is on the server? Is it not still useful information? I have the password, I have a (supposedly) secure connection through the browser, and I have an e-mail account to verify. Why must I go pair another device only to find my data has already been deleted? (recovery key mechanism is misleading!) '''''IF''''' I was prompted to save the recovery key during the original setup, then I should have it saved somewhere on my harddrive and/or online storage. I've been looking for it all day, and all the support pages for this topic seem to indicate that this recovery key is generated at the time of original sync config, but the methods of retrieving it involves going to the "manage sync" prefpage that I cannot access anymore since I lost sync which is what my problem is in the first place. This seems ridiculous because now the only way to access that data is if I had another device paired to the same sync account. ''' I did at one point have SYNC installed on my mobile phone''' running Android. However, as I updated from Firefox beta to Nightly and re-downgraded it back to Firefox main release, somehow I lost the sync. Or, I could have lost the sync by moving the app from builtin memory to SD card. In any case, I think this pairing and recovery mechanism is needlessly complicated. Mozilla makes the UI look more and more like Chrome, which I disagree with, since the unique GUI is one of the main reasons I use Firefox as my primary browser. But, when it comes to the sync function and how google handles the uploaded data, in my opinion, it is ''MUCH'' more intuitive and actually makes sense in respect of both reliability and security.

Modified by jeois

philipp
  • Top 10 Contributor
  • Moderator
3164 solutions 14652 answers

Helpful Reply

i'm sorry but without the three components mentioned in my prior post it won't be possible to retrieve the synced data from the servers. the recovery key is used to locally encrypt your data before moving it to the cloud & meant to ensure that you're the only person that can access the data. since sync can hold very sensitive data (your passwords and your online-life) the system was designed with high security and encryption standards in mind, so the convenience and ease of use might suffer in return.

in case it's of any consolation to you, the sync service is currently in the process of being overhauled anyway: https://wiki.mozilla.org/User_Services/Sync

i'm sorry but without the three components mentioned in my prior post it won't be possible to retrieve the synced data from the servers. the recovery key is used to locally encrypt your data before moving it to the cloud & meant to ensure that you're the only person that can access the data. since sync can hold very sensitive data (your passwords and your online-life) the system was designed with high security and encryption standards in mind, so the convenience and ease of use might suffer in return. in case it's of any consolation to you, the sync service is currently in the process of being overhauled anyway: https://wiki.mozilla.org/User_Services/Sync

Question owner

I'm using the same computer and I have the previous profile locally backed up and saved on the hard drive.

Is there any way for me to access and get Recovery Key from a locally stored backup profile (which once imported or manually ported to an active installation is not synced)?

>> @ pphilip, Ref: inconvenience and complications are due to local data encryption and strong security standards; I disagree this is the case. I think if we adhere to obsolete encryption specs, then perhaps someone would come up with a mechanism like the current Firefox sync system. However, I believe it is entirely possible to comply with very strict security standards without such a cumbersome pairing and recovery key mechanic.

As a matter of fact, I would assert that the 12digit generated code along the recovery key is LESS secure in some ways than other validation/verification systems. For example, if someone walks to me my PC, WITHOUT my password, they would still be able to pair their mobile device, walk away, and sync my passwords since they are saved by firefox also. Only when there aren't any devices still paired to the server does the recovery key come into play. And in this case, it is actually less secure because such a key would be more likely saved unsecurely (i.e. saved to unencrypted text file or hand written on paper). A hacker could easily capture the 12digit code by invoking the sync setup and capturing the screen, so i don't see how this system is any more secure than other systems of verification.

This system is unnecessary, and like I previously explained does not offer any level of security beyond what other systems use. And if I pair a device and do activities, the level of standards for security could be questioned, and in fact, whoever uses such a system could be found liable if they simply use default settings for Firefox (e.g. does not enforce secure connections, access to options and hence pw manager is itelf not password protected, etc).. In such a case, you should create an extension or separate fork of Firefox for such secure browser. For instance, Comodo Dragon was created based on Chrome/Chromium, although I can't vouch for its performance since I've only used it for a couple of hours. Or, you should set preferences in such a way for increased security in Firefox because the DEFAULT settings are unsecure anyway.

So in the end, I still am frustrated and do not understand why I cannot access my own data online, given that such a system can demonstratively shown to be just as insecure if not moreso using DEFAULT preferences than other systems less cumbersome. If this pairing method was an option rather than the defaulat

I'm using the same computer and I have the previous profile locally backed up and saved on the hard drive. '''Is there any way for me to access and get Recovery Key from a locally stored backup profile (which once imported or manually ported to an active installation is not synced)? ''' >> @ pphilip, Ref: inconvenience and complications are due to local data encryption and strong security standards; I disagree this is the case. I think if we adhere to obsolete encryption specs, then perhaps someone would come up with a mechanism like the current Firefox sync system. However, I believe it is entirely possible to comply with very strict security standards without such a cumbersome pairing and recovery key mechanic. ''As a matter of fact, I would assert that the 12digit generated code along the recovery key is LESS secure in some ways than other validation/verification systems.'' For example, if someone walks to me my PC, WITHOUT my password, they would still be able to pair their mobile device, walk away, and sync my passwords since they are saved by firefox also. Only when there aren't any devices still paired to the server does the recovery key come into play. And in this case, it is actually less secure because such a key would be more likely saved unsecurely (i.e. saved to unencrypted text file or hand written on paper). A hacker could easily capture the 12digit code by invoking the sync setup and capturing the screen, so i don't see how this system is any more secure than other systems of verification. This system is unnecessary, and like I previously explained does not offer any level of security beyond what other systems use. And if I pair a device and do activities, the level of standards for security could be questioned, and in fact, whoever uses such a system could be found liable if they simply use default settings for Firefox (e.g. does not enforce secure connections, access to options and hence pw manager is itelf not password protected, etc).. In such a case, you should create an extension or separate fork of Firefox for such secure browser. For instance, Comodo Dragon was created based on Chrome/Chromium, although I can't vouch for its performance since I've only used it for a couple of hours. Or, you should set preferences in such a way for increased security in Firefox because the DEFAULT settings are unsecure anyway. So in the end, I still am frustrated and do not understand why I cannot access my own data online, given that such a system can demonstratively shown to be just as insecure if not moreso using DEFAULT preferences than other systems less cumbersome. If this pairing method was an option rather than the defaulat
cor-el
  • Top 10 Contributor
  • Moderator
12902 solutions 118344 answers

Chosen Solution

You would have to copy the signons.sqlite and key3.db files (temporarily) to an existing or new Firefox profile and look in the Password Manager for the sync key.

You can find the sync account password and the sync (recovery) key in the password manager on computers where a sync account with a specific e-mail address has been set up.

Look for:

  • chrome://weave (Mozilla Services Password)
  • chrome://weave (Mozilla Services Encryption Passphrase)
You would have to copy the signons.sqlite and key3.db files (temporarily) to an existing or new Firefox profile and look in the Password Manager for the sync key. You can find the sync account password and the sync (recovery) key in the password manager on computers where a sync account with a specific e-mail address has been set up. Look for: * chrome://weave (Mozilla Services Password) * chrome://weave (Mozilla Services Encryption Passphrase)
John99
  • Top 10 Contributor
  • Moderator
747 solutions 10205 answers

Just a passing comment about sync. IIRC

  • development has ceased, it is likley to be deprecated sometime.
  • the replacement is likely to be a server based backup.
Just a passing comment about sync. IIRC * development has ceased, it is likley to be deprecated sometime. * the replacement is likely to be a server based backup.