Passwords are in plain view
Hello.
I noticed that when using the newest version of Firefox (84.0.2) I can go up to "logins and passwords" and all that's needed, even when not logged into the Firefox account in any way is to just click the "eye" icon and it shows the password.
How is this in any way considered secure? Anyone, at any time can just click this and see the passwords to all my web sites. I guess I will need to go back to using Edge where at least it asks me to use my PC login before it shows the passwords.
所有回复 (2)
Setting a Primary Password will prevent that.
https://support.mozilla.org/en-US/kb/use-primary-password-protect-stored-logins
For a while the requirement to use your Windows login was applied automatically but apparently that caused a lot of problems so it was turned off. If you want to experiment with it:
(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button accepting the risk.
(2) In the search box in the page, type or paste os-auth and pause while the list is filtered
(3) Double-click the signon.management.page.os-auth.enabled preference to switch the value from false to true
Considering that it can be easily turned off again, the Primary Password method is more secure.