Is it safe to store ur passwords in Mozilla Firefox

[Aya-tan]

Hey,


One question i want to know is it safe to store passwords in mozilla firefox?
one of my friends says his password got leaked into some warez site(his emails, facebook acc, etc) is it possible?

[chikorita157]

Usually, but the problem is that a person can see all the stored passwords without noticing. Just go to Firefox Preferences and click Security > Save Passwords and click "Show Passwords" and it will show all the passwords... This will happen if you don't set a master password.

It's better to use a third party Password manager like Roboform (on Windows) or 1Password (Mac) which you can lock with a separate password (it's not recommended using the same password for protecting all your logins)

[TheFluff]

http://keepass.info/

[Aya-tan]

thanks for the info
i'll use keypass

[SeijiSensei]

Quote:

Originally Posted by Aya-tan

One question i want to know is it safe to store passwords in mozilla firefox?
one of my friends says his password got leaked into some warez site(his emails, facebook acc, etc) is it possible?

I think it's at least as likely that the password was lifted from some site he visited than that it was taken from Firefox. There are many websites out there with poor security designs and practices.

Another possibility is that he has inadvertently installed a keystroke logger onto his machine.

[sa547]

Quote:

Originally Posted by Aya-tan

one of my friends says his password got leaked into some warez site(his emails, facebook acc, etc) is it possible?

Your friends shouldn't be downloading anything from illegal warez sites because some of these programs have keylogger routines attached to them which, once installed and loaded on memory, can record and transmit the victim's keystrokes to the hackers, so that they get away with stolen accounts (especially online game and banking accounts).

[Aya-tan]

yup he download lots of shits from warez sites
i can see a lots of craps in his Add and Remove Program

[SaintessHeart]

The simplest idea is not to store your passwords anywhere. NEVER have anything to remember your password, no matter how secure it sounds because there is no such thing as a secure system. There is no harm exercising a few brain cells to remember more complex sequences.

Btw the encoding for Firefox's password remembering utility has already been reversed engineered by some 24/7-in-front-of-PC guy in a few months since they implemented it, so as I heard from some "sources".

[SeijiSensei]

Quote:

Originally Posted by Aya-tan

yup he download lots of shits from warez sites
i can see a lots of craps in his Add and Remove Program

If he wants to continue this behavior, then he needs to stop using Windows.

[leoblack9]

It's either any of these reasons why you should store passwords.

• The passwords you store belong to accounts that doesn't hold anything valuable (ex. Animesuki account, for me anyway)
• You and ONLY you are the only user of the computer. If computer is for public use, then forget about it.
• If you have lots of passwords for anything money-related, it's best to just damn memorize it. Nothing else is as secure and trusted as your own brain.

Hmmm, I usually just keep a copy in a textfile hidden alongside my "videos" folder. Who looks for passwords in there anyway?

[chikorita157]

I store passwords using 1Password, a password manager that works on Mac OS X with Safari, Firefox, etc. This way, I don't have to keep typing in the password since I'm the only person who uses my Macbook Pros.

Be aware that if you save passwords in the password manager and don't have it locked with a different password, anyone who have physical access can go in and load the password manager in Firefox and use the "Show all Passwords" option that will reveal all the passwords stored on the manager. Rule of thumb, always lock your computer when you are leaving your computer even for a few minutes.

Quote:

The simplest idea is not to store your passwords anywhere. NEVER have anything to remember your password, no matter how secure it sounds because there is no such thing as a secure system. There is no harm exercising a few brain cells to remember more complex sequences.

Btw the encoding for Firefox's password remembering utility has already been reversed engineered by some 24/7-in-front-of-PC guy in a few months since they implemented it, so as I heard from some "sources"

I wouldn't say I would avoid using password managers at all cost, but the Firefox password manger should be avoided at all cost and you should use a third party manager that offers encryption. Third party password managers can also protect you from phishing attacks... but if you going to use a password manager, make sure you have a strong password (with a combination of letters and numbers and no using passwords with words found in the dictionary or personal information. Remember, the longer the password, the better) and also lock the password manager when you are away from the computer or set it so it will lock automatically after minutes of inactivity so you can protect your logins... Of course, you still need to protect your computer with a Antivirus and/or Firewall unless you are not using Windows.

I advise against using password managers on a public or shared computer since more than one person may have access to your logins.