I have the same problem and I want more than just a fix; I want to know WHY this happens. Like you, I don't have my gmail account info saved in my Preferences >> Security >> Saved Passwords. Also, I've made sure the "Keep me logged in" box is not checked. So how is it that I stay signed in? Where is Firefox storing my credentials? How are they allowing access to gmail without my log-in information? This seems like a major security flaw to me and at the very least is incredibly insecure. Please address this Mozilla!

This can happen if the website remembers you via a cookie. Firefox stores cookies from pages in open tabs as part of the session data.

You can set the pref browser.sessionstore.privacy_level to 2 (never) or 1 (non-HTTPS, default in Firefox 3 versions) on the about:config page to disable saving cookies via session restore.

• http://kb.mozillazine.org/browser.sessionstore.privacy_level

To open the about:config page, type about:config in the location (address) bar and press the "Enter" key, just like you type the url of a website to open a website.
If you see a warning then you can confirm that you want to access that page.

If the browser closes then the session should terminate. THis is a grave flaw. What if we are on unsecure computer and the lights go off? The next time anybody opens the browser, hel be in my mailbox!!

Guys, the app tab is for the convenience of always having the window open AND having it be open when you first start your browser. If you are worried about your account being accessed because you are on a publicly used computer why are you even using this feature? It seems that it is neither useful or convenient to you.

At work, I want the usefulness/convenience AND I want to have to sign in. If someone mentioned being on a public computer, your response would make sense. Even at home, I would want to function by having the tab open and asking me to sign in. Since I originally posted this, I have completely stopped using this option because of this problem. Thanks for adding nothing to this conversation Heini.

This has bothered me a whole lot. Especially since Google Chrome's pinned tabs feature, the original impetus for Firefox's App Tabs, have never had this problem. I believe the solution is not to leave session data files unless the browser crashes. The current tabs should merely be bookmarked into a hidden directory. Now, if only a developer would make sure this happens...How best to contact them?

Sincerely,

Stuart

I tried Cor-El's solution. It took care of the privacy-problem. It is, however, very annoying. I have Facebook and Gmail as app tabs (both hpps, so I don't think privacy level 1 would make a difference). I have activated two-step verification, but at home I usually let it remember me for 30 days, so I only have to do the second step once a month. It I change the privacy-level, I get one sms from each site with a password I have to type. This is cumbersome. I want it to remember me in the sense that the sms-password is only typed once a month, but my regular password is required at each session.