搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

详细了解

Firefox 29 synch requires master password removal to work.

  • 4 个回答
  • 13 人有此问题
  • 2 次查看
  • 最后回复者为 Hrens

more options

So, ANYONE with access to my computer can see my passwords. Have you gone TOTALLY MAD???

The point of encrypting passwords in a file is now redundant. Plain text passwords can be seen by anyone with access to one of my machines.

Come on, how about some common sense, and restore allowing master password and sync to work ok together.

So, ANYONE with access to my computer can see my passwords. Have you gone TOTALLY MAD??? The point of encrypting passwords in a file is now redundant. Plain text passwords can be seen by anyone with access to one of my machines. Come on, how about some common sense, and restore allowing master password and sync to work ok together.

所有回复 (4)

more options

I guess you can use a master password to protect them, go to firefox preferences then under security tab check "Use a master password" option and set a password, now only you can view the sensitive information.

more options

Well I think this reply misses the point.

A major part of sync is that it syncs passwords. It no longer does this if you use a master password.

So the choice now is:

1. Use a master password and lose sync on passwords - not much use if you use random passwords

2. Don't use a master password and anyone who can turn my PC on can see all my usernames/passwords in plain text.

This is a major reduction in functionality. I have moved to Pale Moon for the time being as it retains the concern for security in previous FF versions.

more options

If a master Password is enabled, Synch 'Passwords' is greyed out, and Passwords therefore can (and are) no longer synched between machines.

Sync is now USELESS...

more options

Just a few general thoughts (even if I don't use FF sync for now)

a) isn't FF Sync SUPPOSED TO "encrypt" your sync data ? Encrypted during transfer while uploading, while downloading. So the data are useless for sniffers on your connetion "to the net", and ... when the Mozilla "vault" gets broken into, it won't be very helpful for the burglars either.

b) If a) is right, AND you keep your passwords within FF (AND behind a master PW) ... mayb you need to remove the master PW right before sync. AT THAT MOMENT (and until you reactivate MP) your passwords will indeed be vulnerable. So I guess it is wise to sync "manually" :

So I develop -guessing of course- a little plan :

1 (on your device) : open FireFox 2 Sync step: . . . . . . 2.1Enter master PW / unlock passwords . . . . . . 2.2 FF Sync (traffic between browser and sync vault should be encrypted) . . . . . . 2.3 after sync: re-enable master PW 3 Browse freely 4 Before shutdown: repeat syncstep 2 5 close browser

Yes, your passwords may ne vulnerable if your device gets hacked into DURING phase 2 or 4

Is this an acceptable risk ?

Another option may be to use another password manager. That MAY BE safer, or not. I started using xmarks (sync bookmarks between machines) and later Lastpass (sync passwords only). They seem to work. Today FF, but ONLY for FF of course. Xmarks / Lastpass CAN be used to sync on the "work" machine too, where MSIE is needed too, for pwd protected "intranet" stuff.