Search on my Blog

Friday, December 24, 2010

Stored Passwords In Firefox

There is a severe security risk in Firefox, that most people aren’t even aware of. All the passwords stored or “remembered” in the browser are accessible to anyone who happens to get on their computer (both physically or with hacking tools). Just try this in Firefox:Show saved passwords - xptricks.net

  1. Go to Tools -> Options and select the Security tab.
  2. Press the Show Passwords button in the middle-right of the window.
  3. You should now see a list of sites and your usernames stored. Press Show Passwords again.

See what I mean? Anyone who has access to your computer could have a pretty good “look” at those…

undefinedThe way to protect yourself from this danger, is to either use a special software such as KeePass to store passwords, or to use Firefox’s own Master Password option (MPW). To enable it, go back to the Security tab in the Options window and check the box Use a master password. Set the Master Password and you’re a lot safer!

undefined

Now, every time you start your browser and log in somewhere, Firefox will ask for the Master Password. You won’t be asked for it any more. It will also ask the MPW when trying to view saved passwords the way I explained earlier or when doing anything else with your personal data. This tool will really help you in remembering passwords, as I hope every one of yours is different… Or it’d better be…

A bad guy can also use a plugin or script to view saved passwords in Internet Explorer, but there is no Master Password tool to protect yourself with. Another point for Firefox.

No comments: