Keep your passwords secure within Firefox
One of Firefox’s long time conveniences that is often overlooked is the option to secure all your username and passwords with a single master password. When you log on a web service such as a forum, a web mail account or a financial institution, Firefox will ask if you want to remember the user name and password you have just entered. Options are to remember the password, not at this time (default option) or never remember it.
If you choose to Remember, Firefox will encrypt and store your credentials (in the signons.txt file). However if some person launches Firefox while you are logged in, he will get instant access to all your saved web sites and credentials.
Fortunately, you can set a master password that protects all your other passwords.
- In the Tools menu, select Options…
- In the Options window, select the Security page
- Click on Use a master password and you will be prompted to enter the desired password and once again to confirm. Now take a while to decide on what your password should be:
- Forget about your name, last name, telephone, birth date, nickname, your relatives’, neighbors’ and pets’.
- A strong password should be between 6 and 9 random characters (no words) and contain capital and lowercase letters, numbers and special characters like ()[]{}#$%^&*!@;:<>
- Here’s an easy way to set a strong and easy to remember password:
- Think about a 6-8 word phrase such as a slogan, song, mantra, poem, etc. For example, this excerpt from La leyenda del tiempo: El sueño sobre el tiempo volaba como un velero. I’ll take the first letter of each word: essetvcuv
- Now capitalize at least two letters. To make it easier to remember which select either nouns, verbs or adjectives. I choose two nouns: esseTvcuV
- Now replace at least two characters for numbers. You can use similarly shaped numbers. For example, I replace first the first e with a 3 (as it resembles E) and u with 1 because un in Spanish means a or one: 3sseTvc1V
- Now replace at least two characters for special characters, once again you can use similarly shaped characters. For example, I replace first s with $, and c with a (: 3$seTv(1V.
- So my password is 3$seTv(1V, a very strong password that Firefox quality meter rates at top quality, and it’s not the hardest to remember for you. Having used these kind of password for some years now I can tell it finally becomes automatic after a few days. Of course you can use this simple technique to set any other password.
- That’s it. The next time you access a web site which credentials are stored, Firefox will prompt for the master password to autofill the form.
Comments
Kent
My question was answered by the announcement of the password manager vulnerability. So I’ll stick with RoboForm, which won’t fill forms unless there is an exact URL match and it warns when it fills in sensitive fields, so it will catch invisible autofills.
On Firefox, access web sites with your fingerprints : Mozilla Links
[...] and should not be used for protecting highly confidential data. It’s about convenience. So strong password guidelines should still be followed to ensure proper information [...]
Judith Mills
Over and over again I’ve tried to go into TOOLS, OPTIONS, SECURITY, etc. and checked REMEMBER PASSWORD but each and every time I log into Firefox now, I am asked over and over again for my ID and password on every single site that used to have the automatic ID/password filled in. This is good reason to delete Firefox forever.
james smith
Hello, would you please explain specifically, step by step, how to change a log in id that the computer has memorized? Thank you, J. Smith
Kent
I have a question regarding saved passwords and anti-phishing. Will Firefox only supply saved passwords to the exact URL from which they were culled? If so, it seems like a good anti-phishing feature. Does the saved passwords feature warn about phishing sites, or allow users to override a bad URL and fill the phishing site?
Reply