Firefox Flaw - Saved passwords

Associate
Joined
14 Jan 2010
Posts
2,424
Location
Essex
Just to educate someone I showed them how easy it was to access their passwords because they had the saved passwords option on in Firefox.

I mean why on earth in the days of people phishing and hacking every millisecond is this still an option to see your own password.

From such a popular browser it just begs common sense really, anyone know why they still leave it in their
 
Yes Opera has a similar problem - if you have not set a Master Password you can download the freeware Opera Password Decryptor. You dont even install it, it runs as is and in 2 seconds you have all Opera Wand passwords neatly displayed with an option to dump them to a .txt file.
 
I find it useful myself, too many passwords across too many websites/devices, it's nice to be able to look it up rather than having to reset it everytime I forget.
 
I feel as long as your important passwords (bank, credit card info etc) are stored in a secure database (like Keypass) then you are good to go.

I think a bigger problem is people using the SAME password for ALL their logins. That is asking for trouble IMO.
 
Errr....what's the security problem with this?

Are you saying it's a problem if someone is physically at your machine or can this be accessed by a virus etc?

Not sure if I need to be worried (as I do it) or just make sure I keep my door locked!
 
This has been a problem for as long as i remember.

All you have to do is set a Master password, that's the whole purpose of the Master password feature, if you don't want someone to access your saved password then just set one.

It's not enabled by default because some users would find it intrusive.
 
This has been a problem for as long as i remember.

All you have to do is set a Master password, that's the whole purpose of the Master password feature, if you don't want someone to access your saved password then just set one.

It's not enabled by default because some users would find it intrusive.


But that's the problem surely, because any unsuspecting member using the saved passwords feature in firefox are not going to realise them all being saved in there.
 
How does LastPass work and what makes it more secure?

I would be more worried that someone hacks their servers and makes off with all my passwords that way, how can they guarantee that it's completely secure?
 
When you create an account with LastPass you can login online to your vault. All your passwords are stored on your computer, encrypted and then uploaded to your vault. This means that you can access your logins from any computer as long as you know your master password. If your HDD dies then you simply install the LastPass plugin in to your browser and login and all your passwords are downloaded to your PC.

Stoner81.
 
They do it because if they did not then someone would just create software to show the passwords. Like nirsoft software. I don't realy care. I save my passwords in to the browser with no master password. if someone gets access to my machine to the extent that they can retrieve my firefox passwords then i have bigger security problems than browser passwords.
 
Back
Top Bottom