Firefox may soon ask for the Windows Password to interact with saved passwords - gHacks Tech News


Firefox may soon ask for the Windows Password to interact with saved passwords

Mozilla plans to introduce a change to the password management system of the organization's Firefox web browser on Windows that improves the security of the data.

Firefox users may save logins using native password management capabilities. Passwords may also be imported from other web browsers installed on the device Firefox is installed or run on, or my syncing data between Firefox instances.

The Firefox password manager, recently relaunched as Firefox Lockwise, will prompt users for the Windows password of the signed-in user account before certain interactions with passwords, e.g. the showing of passwords, is permitted; this will only happen if the Firefox user has not set a master password in the web browser.

Current versions of Firefox may be protected with a master password. Once set, and setup is completely optional, the master password is required to interact with password storage. Starting in Firefox 76, Firefox will protect passwords for accounts without master password. Since the default is off, many Firefox users will benefit from this security precaution.

Google has been using a similar system in its Chrome web browser. Unlike Firefox, Chrome does not support the setting of a master password.

firefox windows password

Firefox will show a password or Pin prompt on Windows devices once the change lands. Firefox 76, Nightly, also has it implemented and users who are adventurous may take it for a test drive. Actions such as the request to reveal a password, to copy it, or to edit a password will spawn the prompt.

Note that this happens each time a request is made currently; it is unclear if Mozilla plans to implement a system that would request the password only once per session or once every y minutes to avoid user annoyance. Firefox will request the master password only once during a session and that system might be preferable to users who interact with passwords regularly.

You can follow the bug on Mozilla's bug tracking website. Firefox 76 is scheduled for a May 5, 2020 release.

Now You: do you use the built-in password manager of your browser or an external application/extension? (via Techdows)




Previous Post: «
Next Post: »


  1. Cor said on March 18, 2020 at 10:08 pm

    I’m a Chromium user and I’ve disabled browser password saving. Afaik each and every Windows version has been cracked with ease.
    I’m not that familiar with Firefox, but a compartmentalized version appears to be more secure.
    Unless using cloud synchronization, whichever browser. I prefer writing mine on a Post-it.

  2. Trey said on March 18, 2020 at 10:13 pm

    Time to set a FF master password I think. Not sure I want Firefox or any installed 3rd party app requesting my windows user account password.

  3. KarlsonD said on March 18, 2020 at 10:37 pm

    I agree with Trey. It makes little sense, even in the name of increased security, to exposed another key password [window’s logon] in any other context.

  4. motang said on March 19, 2020 at 12:10 am

    This will be great, as I use Firefox and Lockwise at work.

  5. Jonas said on March 19, 2020 at 1:05 am

    I used to use both the Firefox password manager, and the one built-in to the Mac (called Keychain). However there are so many malicious cracks floating around online that finally I decided to create a simple encrypted method of my own (not a real program) for storing passwords. My theory is that it’s so unique and obscure that nobody is going to attempt a breach.

    Also, for convenience, I’ve consciously set about memorizing as many of my main passphrases as possible. (This is possible because they’re composed of word snippets and numbers that are only meaningful to me.) This way I can (1) exercise my memory, and (2) still have my encrypted thingie to fall back on if I forget one of them.

    So far it has worked great, less hassle than it sounds like.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.