Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Rohkem teavet

Firefox Lockwise

  • 2 vastust
  • 1 on selline probleem
  • 23 views
  • Viimati vastas Jan

more options

I have a question about Lockwise and the integration of Monitor.

It is claimed that since version 76, Firefox alerts for vulnerable passwords and breaches.

In this article it is explained that Lockwise scans the stored passwords and warns if one of the passwords is identical to one leaked online as well as that it shows breach alerts for sites that have experienced security breaches.

I have Firefox 79, but I don't seem to get either behavior. I can see breaches for my email addresses in Monitor (where I had to manually add the email addresses). But I don't see anything in Lockwise. See the image below, for example. I created a password "abcde" for the website and nowhere does firefox tell me it's "vulnerable" or that it's been exposed elsewhere (it should at least say it's a terribly bad password).

I entered the "abcde" password in the Bitwarden plugin and it tells me (unsurprisingly) the password has been exposed "46564 times in data breaches".

This brings me to a second question: If Lockwise is unable to automatically show a warning if a password has been exposed/is vulnerable, is there an easy way to check that manually (and securely)? Bitwarden has the checkmark button right next to the password, which allows me to quickly check if a password has been exposed. Any way to replicate this in Lockwise? (To be honest, I would prefer the way it is supposed to work in Lockwise with a banner been shown automatically, instead of manually having to click, but it doesn't seem to work.)

I have a question about Lockwise and the integration of Monitor. It is claimed that since version 76, Firefox alerts for vulnerable passwords and breaches. In [https://www.zdnet.com/article/the-firefox-password-manager-now-tells-you-when-you-use-leaked-passwords/ this article] it is explained that Lockwise scans the stored passwords and warns if one of the passwords is identical to one leaked online as well as that it shows breach alerts for sites that have experienced security breaches. I have Firefox 79, but I don't seem to get either behavior. I can see breaches for my email addresses in Monitor (where I had to manually add the email addresses). But I don't see anything in Lockwise. See the image below, for example. I created a password "abcde" for the website and nowhere does firefox tell me it's "vulnerable" or that it's been exposed elsewhere (it should at least say it's a terribly bad password). I entered the "abcde" password in the Bitwarden plugin and it tells me (unsurprisingly) the password has been exposed "46564 times in data breaches". This brings me to a second question: If Lockwise is unable to automatically show a warning if a password has been exposed/is vulnerable, is there an easy way to check that manually (and securely)? Bitwarden has the checkmark button right next to the password, which allows me to quickly check if a password has been exposed. Any way to replicate this in Lockwise? (To be honest, I would prefer the way it is supposed to work in Lockwise with a banner been shown automatically, instead of manually having to click, but it doesn't seem to work.)
Attached screenshots

Valitud lahendus

As this article explains, Firefox will only show a warning if the website was breached AFTER the password was saved.

I do agree with you, however -- Lockwise should be more aggressive when it comes to warnings about unsafe passwords. I'd recommend leaving feedback for the Firefox developers by going to the Firefox Help menu and selecting Submit Feedback... or using this link.

Loe vastust kontekstis 👍 1

All Replies (2)

more options

Valitud lahendus

As this article explains, Firefox will only show a warning if the website was breached AFTER the password was saved.

I do agree with you, however -- Lockwise should be more aggressive when it comes to warnings about unsafe passwords. I'd recommend leaving feedback for the Firefox developers by going to the Firefox Help menu and selecting Submit Feedback... or using this link.

more options

Thanks for this, I have now submitted the feedback. However, the link you sent seems to be just the general Firefox feedback (Firefox makes me happy/sad ...) Is anyone aware of a way to create an actual ticket for feature requests/bugs for Lockwise?