Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Are Firefox bookmarks encrypted when synced?

  • 1 cavab
  • 0 have this problem
  • 1 view
  • Last reply by cor-el

more options

How are my bookmarks stored when synced between devices? Are my bookmarks encrypted as well as my passwords/credit card info? This is from the Mozilla page regarding encryption:

"Your encryption key remains a secret, only known to you and your authorized devices." and "We store your encrypted data on our servers so we can’t read it."

I just wanted to make sure this also applies to bookmarks before I import all of mine.

Thanks for any help!

How are my bookmarks stored when synced between devices? Are my bookmarks encrypted as well as my passwords/credit card info? This is from the Mozilla page regarding encryption: "Your encryption key remains a secret, only known to you and your authorized devices." and "We store your encrypted data on our servers so we can’t read it." I just wanted to make sure this also applies to bookmarks before I import all of mine. Thanks for any help!

Chosen solution

All your personal data and this includes bookmarks and logins is encrypted locally using a Sync key derived from the password of the Firefox account before it is uploaded. Since this password is only used locally and isn't known on the server then this means that nobody will be able to decrypt is provided you use a strong/random password and nor something that can simply be guessed via a dictionary lookup extended with some simple rules. This also means that your data is lost if you forget this password and need to reset the password and do not have a recovery key.

Read this answer in context 👍 2

All Replies (1)

more options

Seçilmiş Həll

All your personal data and this includes bookmarks and logins is encrypted locally using a Sync key derived from the password of the Firefox account before it is uploaded. Since this password is only used locally and isn't known on the server then this means that nobody will be able to decrypt is provided you use a strong/random password and nor something that can simply be guessed via a dictionary lookup extended with some simple rules. This also means that your data is lost if you forget this password and need to reset the password and do not have a recovery key.

Modified by cor-el