How to disable "Show password"
I am a manager of a company, and I need to let some of our employees access to our online accounts. However, they can see our username/passwords when they simply look at firefox settings. Master password is obviously not useful. I want to basically disable "show password" tab.
I looked up online all day, including other web browsers, and firefox extensions. I can't seem to find it out.
Can anyone help me with this?
Выбранное решение
A disable_button pref like pref.privacy.disable_button.view_password only works when you use lockPref() in an autoconfig.cfg file.
- lockPref("pref.privacy.disable_button.view_passwords", true);
When I checked the PasswordManagerEnabled policy then I noticed it affects signon.rememberSignons as well.
This makes it not easy to use this policy and keep using the Password Manager and Sync (no PP prompt at startup), so I'm not sure what use case there is for using this policy. The about:logins page is blocked and auto-fill is disabled, "Fill Login" still works once the PP has been entered.
Прочитайте этот ответ в контексте 👍 0Все ответы (9)
Of course you should set a Primary Password anyway to encrypt the credentials securely on disk; that is necessary to avoid third party tools extracting your saved logins using the logins.json + key4.db files.
You could look at the DisablePasswordReveal policy:
How can I enter this code to firefox? pref.privacy.disable_button.view_passwords
shippingeasy2 said
How can I enter this code to firefox? pref.privacy.disable_button.view_passwords
That preference does not exist by default in Firefox 86, and I'm not sure it applies to the new Lockwise UI.
A user can create and remove the preference interactively as follows:
(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button accepting the risk.
(2) In the search box in the page, type or paste pref.privacy.disable_button.view_passwords and pause while the list is filtered
(3) Firefox should display a row with the choices Boolean Number String and a + button. Keep the selection on Boolean and click the + button to create the new preference.
(4) If needed, double-click the new preference to switch it from false to true. To remove the preference, click the trash can icon at the right end of the row.
Do you notice any effect? Doesn't work for me.
Выбранное решение
A disable_button pref like pref.privacy.disable_button.view_password only works when you use lockPref() in an autoconfig.cfg file.
- lockPref("pref.privacy.disable_button.view_passwords", true);
When I checked the PasswordManagerEnabled policy then I noticed it affects signon.rememberSignons as well.
This makes it not easy to use this policy and keep using the Password Manager and Sync (no PP prompt at startup), so I'm not sure what use case there is for using this policy. The about:logins page is blocked and auto-fill is disabled, "Fill Login" still works once the PP has been entered.
Disabling the view passwords button isn't very helpful because you can get there by typing about:logins as well as the "Logins and Passwords" menuitem.
The policy disables the password manager completely because it wouldn't make sense to allow people to save passwords but then not be able to get to about:logins to see/modify those passwords. That's why the policy disables the password manager (which is similar to what happens on other browsers.)
The correct policy here (as was already pointed out) is DisablePasswordReveal
https://github.com/mozilla/policy-templates#disablepasswordreveal
This prevents someone from viewing the passwords on the machine.
And please don't use Autoconfig.
With only password reveal disabled you still have to use the Copy feature that allows to copy the password to the clipboard where you only have to paste it in a text area to have it is readable form.
Wouldn't it be safer to disable this Copy feature as well and only allow "Fill Password" to get the password in a form ?
I noticed an issue with DisablePasswordReveal in combination of using "Create New Login" as this removes the password field leaving only the label, so you can only enter the username and not the password.
Is this a bug or is this intended ?
> With only password reveal disabled you still have to use the Copy feature that allows to copy the password to the clipboard where you only have to paste it in a text area to have it is readable form. > > Wouldn't it be safer to disable this Copy feature as well and only allow "Fill Password" to get the password in a form ?
I copied the Microsoft behavior in this case and it was mainly focused on preventing someone from quickly seeing your passwords. I'll see what they do about copy and if we need a new policy.
> I noticed an issue with DisablePasswordReeal in combination of using "Create New Login" as this removes the password field leaving only the label, so you can only enter the username and not the password.
Definitely sounds like a bug. That's odd though because we're only messing with the little eye symbol.