Avatar for Username

Sök i support

Akta dig för supportbedrägerier: Vi kommer aldrig att be dig att ringa eller skicka ett sms till ett telefonnummer eller dela personlig information. Rapportera misstänkt aktivitet med alternativet "Rapportera missbruk".

Learn More

Denna tråd har arkiverats. Ställ en ny fråga om du behöver hjälp.

is firefox sync safe

  • 7 svar
  • 1 har detta problem
  • 2 visningar
  • Senaste svar av OJNSim

OJNSim
OJNSim
more options

Hi I thought about starting to use firefox sync for my bookmarks. I noticed that is also sync login details, and I don't understand how this can be safe.

Assuming the data is stored encrypted, how this can be decrypted on the other machine?

tx

Hi I thought about starting to use firefox sync for my bookmarks. I noticed that is also sync login details, and I don't understand how this can be safe. Assuming the data is stored encrypted, how this can be decrypted on the other machine? tx

Alla svar (7)

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

The Sync service uses a sync key to encrypt data locally before uploading. This Sync key is generated internally from the password of your Firefox account, so you do not need to worry about it. Without the correct password it isn't possible to decrypt the data stored on the Sync server because the correct Sync key can't be generated. The Sync key changes when you change the password of the Firefox account and you lose all data stored on the Sync server when you change the password of the Sync account. Other connected devices use the same name and password to log in to the Firefox Sync account, so they can decrypt data downloaded from the server locally. As long as you choose a strong password and you keep it to yourself then your data is safe.

See also:

OJNSim
OJNSim Frågans ägare
more options

so anytime the same user and pass are supplied the same sync key will be generated. isnt it?

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

Yes. If you would change the password of the Sync account or request a new password because you do not remember it then all data stored on the Sync servers is deleted because it can't be decrypted anymore and personal data stored on the Sync server is lost. You need to change the password on all connected devices and once again do an initial sync.

OJNSim
OJNSim Frågans ägare
more options

So if I understand correctly, the process goes like that: 1. when syncing the login details it is encrypted locally using the sync user and password. 2. encrypted data is stored on Mozilla servers 3. when a new machine is being synced, the encrypted data is sent to that machine, and is being decrypted locally again.

Am I right?

OJNSim
OJNSim Frågans ägare
more options

anyone?

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

The email address and password of the Firefox account is used to login to the Sync server. This same password is also used locally to encrypt your data before it is send to the Sync server. Other connected devices can retrieve this encrypted data and since they use the same email and password they use that password to decrypt this data locally. So only encrypted data travels between a connected device and the sync server.

OJNSim
OJNSim Frågans ägare
more options

Thanks. Now it is a bit more clear. two more questions please: 1. How does Master password fits into this model? 2. I never used this sync feature before, but now I read that in the past Mozila used a different mechanism, that allegedly was more secure. I'm interested how was it more secure? and if so, why did Mozila dropped that?

thanks