[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: firefox password manager



On Friday 08 April 2005 10:31, Kamaraju Kusumanchi wrote:
> 
>
> Warning:- By default firefox stores the passwords unencrypted. You can
> see the exact passwords by going to Edit -> preferences -> view saved
> passwords. If you are the only person using the computer, then it
> probably is fine. But if multiple persons use it, then I would sincerely
> advice against using the "saved passwords feature".
>
> my 2 cents
> raju

Newer version of Firefox can encrypt passwords (1.x) if the default is 
changed. (Set the master password to enable the feature.) 

From the Firefox Help in CVS:
master key.  A symmetric key used by Certificate Manager to encrypt 
information. For example, Password Manager uses Certificate Manager and your 
master key to encrypt email passwords, web site passwords, and other stored 
sensitive information. See also symmetric encryption.

master password. A password used by Certificate Manager to protect the master 
key and/or private keys stored on a security device. Certificate Manager 
needs to access your private keys, for example, when you sign email messages 
or use one of your own certificates to identify yourself to a web site. It 
needs to access your master key when Password Manager or Form Manager reads 
or adds to your personal information. You can set or change your master 
password from the Master Passwords preferences panel. Each security device 
requires a separate master password. See also private key, master key.

I don't know what type of encryption is used if the help file is inaccurate.
http://lxr.mozilla.org/aviary101branch/source/extensions/wallet/src/wallet.cpp

Attachment: pgprXlb13yH_0.pgp
Description: PGP signature


Reply to: