ssl authorization passwords saved although never remember passwords set
My firefox is set to always use private browsing and never remember passwords. But if I open a new private windows and go to a web page that requires SSL authentication and I put in a user and password and then close the window, firefox has saved that info. If I open a new private browsing window and go to same webpage it does not azsk for authentication again. Is there a setting to get rid of ALL passwords?
All Replies (7)
Some webpages remember your computer by its IP for a certain period of time. Does this issues still occur if you wait a hour before opening Firefox back up and going to that page?
the password is cleared after all firefox windows are closed. I am trying to find out how to set options so password is cleared when window in which password is entered is closed. I also would like to know what other information firefox saves from new private windows. This behavior is a security risk.
Passwords are saved via cookie. So if you are still in private browsing the cookie is still there unless you log off from the site/ fully close Firefox.
Do you mean authentication via a normal log in field on a website that uses cookies or is this about a pop-up for basic authentication?
The latter is saved as an Active Login.
Note that all open PM mode windows use one cookie jar, so if there is one PB mode tab open then the PB cookie jar isn't cleared.
That is apparently the problem. I would like each PB window to be independent. This should be configurable. Is it? Actually I would prefer to lauch independent Firefox instances but it doesn't seem to want to let me. Is there a way?
Modified
If your trying to have multiple instances of Firefox I suggest checking out this webpage. http://www.makeuseof.com/tag/firefox-profiles-run-multiple-firefox-profiles/
while multiple profile could be a last resort that approach seems best for firefox windows or sessions that are significantly different from each other...i just want similar private windows that don't talk to each other...prefer some kind of "about:config" solution...loosing faith...next I will find out NSA has obvious backdoor right in source code...aarrrrgggh