Firefox Sync is completely insecure
After my Android mobile phone was stolen, I was stunned when I read this: https://support.mozilla.org/en-US/kb/disable-firefox-sync-lost-phone-or-tablet. It simply is an admission that Firefox sync is completely insecure. Any other similar services allow to dissociate a specific device so that the data cannot be accessed. However, with Firefox, the so-called most secure browser, all passwords can be accessed on a stolen device, even in clear with the password manager extension, and there is nothing you can do about it! That's just incredible!
All Replies (3)
with Firefox, the so-called most secure browser, all passwords can be accessed on a stolen device
This is only true if you don't take any precautions. If you're so security conscious as it sounds, why didn't you think about that before your device got stolen?
and there is nothing you can do about it!
Not true. https://support.mozilla.org/en-US/kb/using-master-password-firefox-android
Did you bother to set a master password?
Whether it's a good idea to make sensitive passwords available on a mobile device in the first place is a different story.
to add to the prior reply: as it is built now, firefox sync is not a separate data source that you can plug in & out of a device. it is a service that brings the local data of multiple devices to the same level (so data that arrives on your device via sync is no different than data you manually enter on a device which isn't connected to an account).
I understand your point, but what I'm questioning is that you can't dissociate a connected device, which is a pretty standard feature of many synchronized data services, such as Google, Evernote, Facebook, Dropbox and others. For a feature that stores data such as password, this is a huge gap.