Why does Firefox Sync removes data when password was changed?
Hi,
First of all let me indicate that I appreciate the job you have been doing as Firefox support / development teams.
I've just learned that firefox sync removes the stored data when password was changed right after trying to get help for not-restored settings. I think it is quite common forgetting a password and recovering by mail - reset. I am just so curious about the reason why Firefox Sync removes all data when password was changed.
所有回复 (3)
hi, this is due to the security-focused design of sync - before it leaves your device, all sync data gets encrypted with a key derived from your password & only this encrypted dump is stored on the sync servers. there is no other way to get to the encrypted data, than knowing your original password (not even for mozilla or other "interested parties"). there should also be a warning about all stored sync data being gone at the beginning of the password changing procedure in firefox accounts.
the very technical details of this process are described at https://github.com/mozilla/fxa-auth-server/wiki/onepw-protocol
So, in my humble opinion; just decrypt data when user resets his/her passwd and re-encrypt data with the new passwd. OK, I know you'll say it's not possible to decrypt data without the passwd that it was encrypted first but ... don't you think user is still authorized to view or restore them once he/she resets via e-mail? Putting a warning message is not enough. Any personal account is recoverable without data loss in today's world. Even still if it has to be used, then this very important information should be highlighted in bold red letters, warning icons, in a separate step of the wizard. I need to cover a lot of passwords. However I feel like I am speaking against the famous for privacy policy of the firefox that I've been using for a long time with love. Maybe you're right. Maybe browser is on top of other personal accounts like a main gate.
Anyways guys, make it better, ok? Good luck with that.
firefox_user_1665322 said
don't you think user is still authorized to view or restore them once he/she resets via e-mail?
The whole point is that Mozilla can't access your information. Your login details and browsing history would be a goldmine for governments/hackers, this way Mozilla can tell governments where to go because they really can't access it, and likewise they can't access it if someone forgets their password. If you're not that bothered about security then just choose a really weak, easy to remember password.