Auto Logout of Firefox Sync on Quit
How can configure Firefox to automatically log out of Firefox Sync when the browser is quit?
I know Google Chrome (somewhat infamously) does not allow users to do this, presumably because they want to slurp up as much user history data as possible, but I assumed Mozilla would support this feature. In fact, the *only* reason I just downloaded Firefox and created a sync account was because I expected this feature to exist.
This question was previously asked here https://support.mozilla.org/en-US/questions/1275381 , however the accepted answer does not actually address the asked question.
All Replies (6)
I think your initial question and the other thread address different things. Do you mean, when you exit Firefox, you want:
(A) Firefox will not connect to Sync automatically at the next startup; or
(B) Firefox will erase various data stored locally in your profile that was introduced by Sync in a previous session (the issue in the other thread); or
(C) Both?
There's no built-in option for (B), as you can tell from the other thread.
For (A), I don't think there currently is a way to have Firefox forget your Firefox Account credentials at shutdown. But there is a way to block Firefox from using them automatically to Sync.
Try setting a Master Password. If I have not entered my Master Password and I click Sync Now, I am prompted to enter it before Firefox can connect to my account. On the server side (https://accounts.firefox.com/settings/clients), I can see that Firefox has not connected since the last shutdown as long as I don't enter the Master Password.
More info on the Master Password feature: Use a Primary Password to protect stored logins and passwords.
Modified
RE: jscher2000
> I think your initial question and the other thread address different things.
For the record, I did not ask the "other question." This being said, by my reading, it is asking the same thing as I am asking in this thread. Specifically it asks:
> I'm logged into Firefox with a Firefox Account and want to have to log into that account every time I open Firefox after closing it.
The key bit being "I want to have to log into that account every time I open firefox after closing it." Which means the same thing as "I want to automatically be logged out of sync when I quit Firefox."
The rest of the text in the question is merely providing context for the first sentence (the user is detailing the various ways in which they *attempted*--but failed--to accomplish their goal).
Regarding your question, I mean (A): I want to not connect to Sync automatically at the next startup. A.k.a I don't want Firefox to "remember me" between browsing sessions. A big thanks for your response, though I'm extremely disappointed that the answer is "no, you can't do this."
Firefox, like Google, is forcing a privacy and security liability upon its sync users by not allowing them to automatically log out.
Using Firefox Sync in a shared computer workspace is incredibly dangerous if you need to remember to manually log out every time (and the response "don't use sync then" is irresponsible, none of my coworkers are tech savvy enough to know when they can and can't use a feature like sync--as an admin, I want to provide the safe defaults for them).
Anyway, if any Mozilla engineers are keeping track, this has caused me to uninstall Firefox.
jscher2000 said
I think your initial question and the other thread address different things. Do you mean, when you exit Firefox, you want: (A) Firefox will not connect to Sync automatically at the next startup; or (B) Firefox will erase various data stored locally in your profile that was introduced by Sync in a previous session (the issue in the other thread); or (C) Both? There's no built-in option for (B), as you can tell from the other thread. For (A), I don't think there currently is a way to have Firefox forget your Firefox Account credentials at shutdown. But there is a way to block Firefox from using them automatically to Sync. Try setting a Master Password. If I have not entered my Master Password and I click Sync Now, I am prompted to enter it before Firefox can connect to my account. On the server side (https://accounts.firefox.com/settings/clients), I can see that Firefox has not connected since the last shutdown as long as I don't enter the Master Password. More info on the Master Password feature: Use a Primary Password to protect stored logins and passwords.
John said
Using Firefox Sync in a shared computer workspace is incredibly dangerous if you need to remember to manually log out every time (and the response "don't use sync then" is irresponsible, none of my coworkers are tech savvy enough to know when they can and can't use a feature like sync--as an admin, I want to provide the safe defaults for them).
Don't use Sync on a shared computer! It is not designed for that AT ALL. It is meant to share data among multiple installations of Firefox, replicating the data into local disk storage indefinitely.
If you need to use Sync on a shared Windows computer, make sure you log out of your Windows user profile so others need to log in under their own Windows user profile. Firefox separates settings folder by user.
It seems you want to fire up a temporary instance of Firefox, like a virtual machine instance, that disappears when you close it. Mozilla does not offer that.
Probably the closest thing would be to carry around a USB flash drive with Firefox Portable installed on it. This is a special self-contained build of Firefox for Windows created by PortableApps:
https://portableapps.com/apps/internet/firefox_portable/
For Mac, I don't know, maybe there is a different portable instance.
> It seems you want to fire up a temporary instance of Firefox, like a virtual machine instance, that disappears when you close it. Mozilla does not offer that.
Yes. Though a virtual machine sounds like overkill. I just want cached data to be deleted (which is already possible to a certain extent) AND the user to be forced to re-sign in to Sync when they next open Firefox.
Unsurprisingly, users carry the assumptions and conventions of "the web" over to "the web browser." It's completely safe to sign into a website from a shared computer (and generally, quitting the browser will automatically sign the user out). It's reasonable for an end user to expect that signing in to Firefox Sync will work similarly.
I realize that you're not a Firefox developer and in no position to act on this thread, but the current design of Firefox Sync is dangerously counterintuitive for my coworkers. Simply saying "well, they need to read the docs better" (and understand that sync isn't meant to be used in a shared environment) is a horrible solution to a security problem.
Basically, Firefox (in the footsteps of Chrome) has created a feature that mimics the way a website works in many respects, but *does not mimic the way a website works in relation to security/privacy*.
By default, Firefox should use secure defaults. In this case, that means a user should automatically be signed out of Sync unless they manually check some kind of ~ "stay logged in when you quit Firefox" box.
I hope this feedback eventually reaches one of the Firefox devs.
Hi John, I don't think there is any way to seamlessly synchronize (combine) data between the local Firefox and your existing Firefox installations, and then later remove (uncombine/disentangle) the data that did not exist on the system prior to Sync. That is the topic of the other thread, which has nothing to do with whether you are signed in or signed out. Signing out doesn't change the local data.
What would you propose as the solution for this?
Should there be better warnings in the sign-on dialog/page explaining that Sync combines data and it will remain stored on disk even after you sign out? That doesn't require rearchitecting Sync or tagging data sources in local files, which I suspect would take ages to implement.
Would it be useful to have a public/shared computer option, and have Firefox create a new "temporary" profile, rather than joining the profile you started in with your existing Firefox installations? Of course, there still needs to be some method to delete that "temporary" profile from disk, and it's not clear to me exactly what should trigger that. Simply exiting Firefox? What if I want to use it for a couple of days?
Some places to submit your proposals for feature changes include:
- Firefox Development forum: https://discourse.mozilla.org/c/firefox-development
- Bug tracking system: https://bugzilla.mozilla.org/
What would you propose as the solution for this?
So, before I describe the solution that I would implement, let me describe the two user stories I see from my coworkers. I think it's important to start here, because while there are many different ways to respond to a user story, I see the user stories themselves as hard requirements.
The first user story is the less common one: someone wants access to their personal bookmarks/extensions/settings at work, so they sign into Firefox Sync on their work computer. Later, when they leave, they forget to sign out. I work at a nonprofit where most of the computers (and many logins) are shared. The next person who opens up that computer finds that the previous person is still logged in. They probably won't notice this (because many people don't use Sync), and they just use the computer normally but suddenly have access to all the saved passwords of the previous user (they might never know why). When the next person goes to log into Gmail, they find that they are already logged into someone else's Gmail account and have access to all their personal email (don't get me started on the fact that Google forces "remember me" on all their users).
The second user story is similar to the first, but it involves someone's work account. We use GSuite and often use shared computers (and logins) different days of the week. An easy way to take your browser settings with you is to log into Sync using your work account. Again, often someone will forget to log out and the next person has access to all their passwords, cookies, etc, including their work email.
While the first story results in a privacy/security violation for the individual, the second story results in a privacy/security violation for the organization. The simple solution would be to either force people to log into sync every time they open Firefox, or to disable Sync entirely.
So having shared those user stories, here's what I see as a possible solution (speaking as a programmer who hasn't given it much thought) (I'll also speak from the perspective of a Mac user):
- Firefox is installed in the Mac's Applications folder - Someone logs into a User account on the mac and starts Firefox - The user logs into Sync. When they do so, they are presented with some kind of "remember me" option which is, by default, not checked. The user does not check this option. - A Firefox user folder is created for this Sync account in `$USER_HOME_FOLDER/Library/Firefox/users` - Sync data, including extensions, settings, bookmarks, browser history, etc, is saved to this Firefox user folder - When the user signs out of Firefox Sync OR quits Firefox, their Firefox user folder is deleted. - If they had selected "remember me" when signing in, then quitting Firefox would not delete this user folder.
Obviously this is a simplified example. Off the top of my head, I can't remember if Sync supports syncing only some information (e.g. only bookmarks). If it does, a question is "What happens to data that isn't synced when the user logs out?" Etc.
Anyway, thanks a lot for the info and the link to the developer forum. I'll share my feedback there.
PS:
Should there be better warnings in the sign-on dialog/page explaining that Sync combines data and it will remain stored on disk even after you sign out?
This would definitely be an important improvement -- I myself didn't realize until reading this that sync data remains stored on disk even after you sign out! This still wouldn't address one of the underlying issues though: that users *want* the ability to move their Firefox settings between computers in a secure way.
Sync could also, potentially, addresses some other issues: for instance, Google (infuriatingly) forces users to manually log out of their accounts. If Sync allowed me to "auto sign out" when the browser was quit, and if it removed all locally stored data related to my sessions, then it would have the effect of allowing me to "auto sign out" of Google as well.
jscher2000 said
Hi John, I don't think there is any way to seamlessly synchronize (combine) data between the local Firefox and your existing Firefox installations, and then later remove (uncombine/disentangle) the data that did not exist on the system prior to Sync. That is the topic of the other thread, which has nothing to do with whether you are signed in or signed out. Signing out doesn't change the local data. What would you propose as the solution for this? Should there be better warnings in the sign-on dialog/page explaining that Sync combines data and it will remain stored on disk even after you sign out? That doesn't require rearchitecting Sync or tagging data sources in local files, which I suspect would take ages to implement. Would it be useful to have a public/shared computer option, and have Firefox create a new "temporary" profile, rather than joining the profile you started in with your existing Firefox installations? Of course, there still needs to be some method to delete that "temporary" profile from disk, and it's not clear to me exactly what should trigger that. Simply exiting Firefox? What if I want to use it for a couple of days? Some places to submit your proposals for feature changes include:
- Firefox Development forum: https://discourse.mozilla.org/c/firefox-development
- Bug tracking system: https://bugzilla.mozilla.org/
Modified