Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Rohkem teavet

What type of encryption does the built-in password manager use?

  • 1 vastus
  • 1 on selline probleem
  • 40 views
  • Viimati vastas TyDraniu

more options

I've been trying to know how secure is the built-in password manager in Firefox. On the web, some say it uses SHA-256, others SHA-1 with one iteration (wich would be awful!!!). If it's not secure enough, I will use another password manager.

I've been trying to know how secure is the built-in password manager in Firefox. On the web, some say it uses SHA-256, others SHA-1 with one iteration (wich would be awful!!!). If it's not secure enough, I will use another password manager.

Valitud lahendus

When using a master password, passwords are encrypted using Triple DES Encryption in CBC mode. This is OK.

The problem is, master password is encrypted using SHA-1 with 1 iteration. This is quite weak (see bug 524403).

You still can use another pass manager.

Loe vastust kontekstis 👍 1

All Replies (1)

more options

Valitud lahendus

When using a master password, passwords are encrypted using Triple DES Encryption in CBC mode. This is OK.

The problem is, master password is encrypted using SHA-1 with 1 iteration. This is quite weak (see bug 524403).

You still can use another pass manager.

Muudetud TyDraniu poolt