Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

What is the point of having primary password since I see It doesnt change password hasjes in login.json?

  • 1 tontu
  • 0 am na jafe-jafe bii
  • 19 views
  • i mujjee tontu mooy Dropa

more options

One of the help page say: Firefox Desktop encrypts your passwords locally in your user profile directory using a logins.json file. Firefox Desktop uses simple cryptography to obscure your passwords. Mozilla doesn’t have the ability to see passwords, but Firefox Desktop does decrypt the password locally so that it can enter them into form fields.

My understanding is that my local installation uses some auto-generated key to hash my passwords in logins.json. So I established my primary password hoping that all passwords in logins.json will be re-hashed with my new password. But surprisingly ll hashes remain the same. So, where is the security?

One of the help page say: ''Firefox Desktop encrypts your passwords locally in your user profile directory using a logins.json file. Firefox Desktop uses simple cryptography to obscure your passwords. Mozilla doesn’t have the ability to see passwords, but Firefox Desktop does decrypt the password locally so that it can enter them into form fields. '' My understanding is that my local installation uses some auto-generated key to hash my passwords in logins.json. So I established my primary password hoping that all passwords in logins.json will be re-hashed with my new password. But surprisingly ll hashes remain the same. So, where is the security?

All Replies (1)

more options

You can only see the password in the Browser manager and if you want to protect them then you should password protect your system first that will block prying eyes from looking where they shouldn't. One security is only good as the person whom password protects their system. Don't expect the Browser to be the endall of protection.