We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

How can I let an employee use but not see my saved Firefox passwords?

  • 6 replies
  • 1 has this problem
  • 3 views
  • Last reply by roberttx

more options

I want to allow an employee to use certain accounts of mine and plan on doing so by creating saved logins, with saved passwords, on their workstation.

However, I do not want them to be able to see what those passwords are by using the Show Passwords option.

I've looked at using a master password, but it seems that Firefox would ask for that once per session just to let them use the saved logins. That would either (a) allow them to see the saved passwords, defeating the purpose, or (b) even if it didn't it would mean me having to enter the master password for them every session, which would be onerous at best and impossible if I was out of town.

For clarity: these accounts are on sites that won't let me create subsidiary logins for the account. Also, I trust the employee to use the account, from their workstation, but don't want to give them knowledge of the password. The harm that they could do with the former is an acceptable risk, while the harm that they could do with the latter is not.

If anybody has a solution, I'd be grateful to hear it. Thanks.

I want to allow an employee to use certain accounts of mine and plan on doing so by creating saved logins, with saved passwords, on their workstation. However, I do not want them to be able to see what those passwords are by using the Show Passwords option. I've looked at using a master password, but it seems that Firefox would ask for that once per session just to let them use the saved logins. That would either (a) allow them to see the saved passwords, defeating the purpose, or (b) even if it didn't it would mean me having to enter the master password for them every session, which would be onerous at best and impossible if I was out of town. For clarity: these accounts are on sites that won't let me create subsidiary logins for the account. Also, I trust the employee to use the account, from their workstation, but don't want to give them knowledge of the password. The harm that they could do with the former is an acceptable risk, while the harm that they could do with the latter is not. If anybody has a solution, I'd be grateful to hear it. Thanks.

Chosen solution

I guess that settles it then. It would appear that there's no secure way of half-assing it, as I'd hoped.

I'll have to pay for some software at the other end, to deal with the ebay stuff. At least until they announce that they're further improving the site by preventing anybody from listing anything at all...

I'll call this one closed. Thanks to all for your help.

Read this answer in context 👍 0

All Replies (6)

more options

There is no way to do what you want. The Password Manager would always be accessible. Even if you find some way, Safe Mode would override.

You could always set up their own password with limited access. What is it you want your employee to do?

more options

The master password (MP) is used to encrypt and decrypt the user names and passwords in the Password Manager, so a user (or you) would have to enter the MP to be able to use the passwords in a form on the web page. Without using a MP users of that Firefox profile can always access the passwords. When the passwords are unlocked or not protected by a MP then anybody can access the passwords.

more options

FredMcD said

You could always set up their own password with limited access. What is it you want your employee to do?

They are going to be listing items for sale on various e-commerce platforms. Sadly, the 800lb gorilla of them all, ebay, no longer allows subsidiary logins for employees. They used to, calling it multi-user access and paypal still does, but for some reason ebay eliminated it.

more options

cor-el said

The master password (MP) is used to encrypt and decrypt the user names and passwords in the Password Manager, so a user (or you) would have to enter the MP to be able to use the passwords in a form on the web page. Without using a MP users of that Firefox profile can always access the passwords. When the passwords are unlocked or not protected by a MP then anybody can access the passwords.

I think I understand. The master password adds an extra layer of encryption on top of that using the the key3.db file.

So, it seems that a master password isn't going to help me. Is anybody aware of a third party solution that might?

more options

There might be a third party program that can do what you want, but there is also an add-on that can display unblocked data in the password field.

more options

Chosen Solution

I guess that settles it then. It would appear that there's no secure way of half-assing it, as I'd hoped.

I'll have to pay for some software at the other end, to deal with the ebay stuff. At least until they announce that they're further improving the site by preventing anybody from listing anything at all...

I'll call this one closed. Thanks to all for your help.