Avatar for Username

Rechercher dans l’assistance

Évitez les escroqueries à l’assistance. Nous ne vous demanderons jamais d’appeler ou d’envoyer un SMS à un numéro de téléphone ou de partager des informations personnelles. Veuillez signaler toute activité suspecte en utilisant l’option « Signaler un abus ».

En savoir plus

Ce sujet de discussion a été archivé. Veuillez poser une nouvelle question si vous avez besoin d’aide.

Firefox Android - No Authentication required to fill user credentials

Mistful
Mistful
more options

Hi,

I am an avid user of Firefox on Windows/Linux/Android. The password saving/auto-filling works great on my Windows and Linux devices. I like that the master password allows me to authenticate before any user credentials are filled in. I did however notice that on my Android Phone, there's no way to force authentication when filling in user credentials. I consider this a great privacy risk, considering that if anyone were to get access to my phone, they would without any hassle get access to a bunch of my accounts. I checked in the settings, and I cannot find a setting for it anywhere.

I am running the latest version of Firefox from Google Play. Firefox version: 84.1.4 (Build #2015785883) Phone: Samsung S10 running Android 10

Thank you.

Hi, I am an avid user of Firefox on Windows/Linux/Android. The password saving/auto-filling works great on my Windows and Linux devices. I like that the master password allows me to authenticate before any user credentials are filled in. I did however notice that on my Android Phone, there's no way to force authentication when filling in user credentials. I consider this a great privacy risk, considering that if anyone were to get access to my phone, they would without any hassle get access to a bunch of my accounts. I checked in the settings, and I cannot find a setting for it anywhere. I am running the latest version of Firefox from Google Play. Firefox version: 84.1.4 (Build #2015785883) Phone: Samsung S10 running Android 10 Thank you.

Solution choisie

I think the idea of the current design is that the thief would only see •••••• and not the actual password text. When attempting to view the text, they'll need to enter your device PIN or whatever other way you've secured your device.

There probably is a way to use debugging to bypass this limited protection, so it certainly would be preferable to have a strong password to unlock the password manager as we have on desktop.

There is a feature request for this on file over here:

https://github.com/mozilla-mobile/fenix/issues/14428

I can't tell whether work is being done on it (I don't know Github that well).

Lire cette réponse dans son contexte 👍 1

Toutes les réponses (1)

jscher2000 - Support Volunteer
jscher2000 - Support Volunteer
  • Top 10 Contributor
more options

Solution choisie

I think the idea of the current design is that the thief would only see •••••• and not the actual password text. When attempting to view the text, they'll need to enter your device PIN or whatever other way you've secured your device.

There probably is a way to use debugging to bypass this limited protection, so it certainly would be preferable to have a strong password to unlock the password manager as we have on desktop.

There is a feature request for this on file over here:

https://github.com/mozilla-mobile/fenix/issues/14428

I can't tell whether work is being done on it (I don't know Github that well).