Windows 10 reached EOS (end of support) on October 14, 2025. If you are on Windows 10, see this article.

Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Cuireadh an snáithe seo sa chartlann. Cuir ceist nua má tá cabhair uait.

Security flaw: Settings accessible after canceling OS authentication prompt

  • 1 freagra
  • 0 leis an bhfadhb seo
  • 224 views
  • Freagra is déanaí ó Paul
  • Cartlannaithe

Fouad Hany
Fouad Hany

When accessing about:logins, Firefox prompts for system authentication (Primary password or master password). However, if the user cancels the prompt twice, the password manager still opens and displays all saved logins without authentication.

This behavior bypasses the intended security check and could pose a risk, especially in shared or public machines

When accessing about:logins, Firefox prompts for system authentication (Primary password or master password). However, if the user cancels the prompt twice, the password manager still opens and displays all saved logins without authentication. This behavior bypasses the intended security check and could pose a risk, especially in shared or public machines

All Replies (1)

Paul
Paul
  • Moderator
  • Top 10 Contributor

Hi

Thank you for flagging this up. I am looking into this with Mozilla staff and hope to respond soon with an update.