Make sure you set a master password in Firefox

Martin Brinkmann
Oct 2, 2007
Updated • Oct 21, 2013

I consider the Firefox Master Password a must-set security feature of the web browser if you are using Firefox's built-in password manager to save usernames and passwords.

While that is very comfortable to do, as you do not need to memorize passwords anymore to log in to websites and do not need to type the data manually anymore as well, it is also a security risk if you do not set a master password as anyone with access to your computer may access the password database or log in to sites.

Anyone with access to your computer is able to go into Alt-Key -> Tools > Options and click on Show Passwords under the Security tab.This displays a list of all authentication information -- that is username, password and the website they are associated with -- that you have saved in Firefox previously.

A click on the button 'Show passwords' in that new menu displays all corresponding passwords for all sites. Gmail, Blogs, Myspace, nothing is really safe. By taking a look at your passwords someone could also analyze patterns. If you were using the same passwords on all sites it is fairly easy to assume that your pop3 email account would most likely use the same password as well.

Set a Firefox Master Password

To set a new Master Password in Firefox do the following:

  1. Go back to the Security tab in the browser's options.
  2. Here you need to check the "Use a master password" box.
  3. The Change Master Password window that you see on the screenshot above opens up.
  4. Type the new password twice here and click ok to save it.

Note: It is highly recommended to select a safe password. Use the password quality meter as guidance. It is also important to note that you will lose access to all information stored in the password database of the browser if you forget the Master Password.

You will be asked to enter the Master Password once per session from that moment on, usually when the browser starts. If you close Firefox and reopen it again, you will be asked again for it.


Tutorials & Tips

Previous Post: «
Next Post: «


  1. Adam said on October 3, 2007 at 9:00 pm

    @Chris & WizzKid: Complexity does not make a difference. Its a security hole in firefox and has nothing to do with the strength of your password.

  2. Benóný (Iceland) said on October 3, 2007 at 10:42 am

    yesyes i knew about this, but I got to tired of typing the password over and over again so I disabled it x) Doesn’t matter for me because all my friends coulnd’t propably find the options :P

  3. Bush Mackel said on October 3, 2007 at 1:51 am

    Great tip. Never knew it! And with my luck my crazy coworker would try and get my stuff.

  4. Rico said on October 2, 2007 at 10:26 pm

    Thanks for this tip.
    Firefox should do a better job letting users know about this ‘feature’.

  5. WizzKid said on October 2, 2007 at 9:56 pm

    @Kris: A combination of numbers, capitals and non-caps all in a 10 character word should be solid?

  6. chris said on October 2, 2007 at 9:12 pm

    thanks for this martin.

    i too did not know that you could show passwords in ff.

    @kris: note to self: make complex password :D thanks for the heads up on this!!

  7. gnome said on October 2, 2007 at 8:15 pm


  8. Kris said on October 2, 2007 at 8:13 pm

    There is a master password cracker for Firefox available, so if you’re going to use a MP, try to make sure it’s a non-trivial one.

  9. WizzKid said on October 2, 2007 at 6:16 pm

    Thanks for the heads up! Never realized firefox allowed to show passwords!

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.