Firefox saved passwords is a neat little feature that Firefox has in its browser. Being a web developer I have 100′s of username’s and password’s to remember for FTP, Control Panels, etc… Using Firefox saved passwords automatically fills these in for me. Great, right?
Well obviously it saves you time, but at a security risk. If someone now compromises your laptop and can get to the browser, they can have access to privileged information. You should have other securities in place to prevent this from being so easy. Having a log in to your computer would prevent them from even getting to the browser.
Now whatever this isn’t so bad if they use your Firefox to browse right? They have to know the URL’s of each privileged site (or look at the history). This has to be done individually and would really take some time. How many passwords do you think I could steal in 1 minute? Probably not a whole lot right?
Well I can actually view all your saved passwords in one “secret” place; well actually it is in Tools >> Options >> Security.
Now that I have scared you to the point of switching browsers… hopefully not IE6 I will tell you of how to protect yourselves and some practical GOOD USES of this functionality.
Today I was asked by a fellow web developer of mine what the password was to a site we were working on. I thought for a moment, and realized a little while later that none of my files told me what the password was. Getting a little frustrated, it hit me that it was saved in Firefox. I then checked out the saved passwords section of the options and was not beaten up by this fellow developer for losing the password.
For those of you that take your security real seriously, I will ease your nerves by saying that Firefox allows you to specify a master password that protects the rest of your passwords. This in itself would prevent me from accessing all your saved passwords in 30 seconds flat.
What do you think? Are saved passwords handy? or too insecure?
Depends on what passwords you have saved, and whether the computer itself is secured. I focus on convenience with programs like Firefox, while making it more difficult to access Firefox in the first place (i.e. login screen). My computer locks up after 1 minute, so even if I just walk away for a moment, no one is likely to gain access … I tend to trust the people I live with anyway
I’m anti saved passwords, staying logged in sure. But saving your passwords is an easy way to get stuff messed with especially at work or a public environment.
Though what I use is http://clipperz.com/ installed on my own server so I don’t even have the database being owned by someone other than me. I can store all my passwords and with one password from anywhere get them back.
What happens if your Firefox data gets corrupted, hard drive crash, etc. No worries about that over here, data is on a server backed up of course, and they allow for you to have an offline copy.
I am also a web developer of 15+ years. My opinion.. Get out the good old pencil and pad and write it down. Now I run Mac computers so I am not too concerned about someone accessing my hard drive but at the same time I still use the old fashion pencil and paper for my hundreds if not thousands of logins..
It’s really handy! I have to remember dozens of passwords and firefox save password feature really save me much time. Write it down by pencil will not save you time.
I don’t like master password, I think protecting the entire computer system is a better way, like Nate said.
Hey, why don’t you run a poll for that?
I think Firefox saved passwords is great. I have a master password so no one can gain access to mine. I also have windows XP Password protection and Kaspersky Internet Security so no hackers can gain access somehow.
saved passwords are great and as been already said, use a master password. At the
same time, there is vulnerability when the
password file can not be accessed. I use
a text editor and create a flat file with
the same information and keep it backed up.
No setup is 100% but with a little common
sense, security and convenience go hand in
hand. What I would like to know is what is the firefox filename and its path so I
can back that up. I use both fedora core 9 and xp.