Master Password+ Improves Firefox's Master Password Feature - gHacks Tech News

Master Password+ Improves Firefox's Master Password Feature

Firefox, like most modern web browsers, offers to save login information so that they do not have to be entered by you again on the next visit to a website or service.

This behavior can be problematic on multi-user systems if users manage to get access to a user's Firefox installation as login information are readily available for anyone who looks for them in the browser's options.

The master password has been designed to protect the saved password listing from other users. It basically means that the password needs to be entered before the listing can be accessed for the first time so that it protects all account information in the program after setting it up.

The master password needs to be entered only once during a Firefox session (that's the time from opening the browser until it is closed again) which may leads to issues.

Anyone can access the password list again once the master password has been supplied with no apparent option to lock the browser again other than to restart it.

Master Password+ has been designed to improve the master password feature of the Firefox web browser and Thunderbird email client.

It adds a set of features to the master password to make it more secure. Among the options is a timeout feature which can be set to reset the master password flag so that it needs to be entered again after a certain time has passed. It is furthermore possible to lock and unlock the master password with the hotkey Alt-L.

master password

The master password prompt can also be launched during browser start so that the profile can only be used if it is entered correctly by the user.

Master Password+ improves the security if the master password is being used in Firefox. The master password itself on the other hand does not offer 100% protection. The add-on is available for Firefox   and the Thunderbird email client.

You can set a master password in Firefox with a tap on the Alt-key, selecting Tools > Options, and then Security > Use a master password.

In Thunderbird, you select Tools > Options, then Security > Passwords > Use a master password.

Summary
Master Password+ Improves Firefox’s Master Password Feature
Article Name
Master Password+ Improves Firefox’s Master Password Feature
Description
Master Password+ is an add-on for Firefox and Thunderbird that extends the master password functionality of both programs.
Author




  • We need your help

    Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

    We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.

    If you like our content, and would like to help, please consider making a contribution:

    Comments

    1. Jojo said on January 5, 2011 at 9:51 pm
      Reply

      I don’t have this add-on installed but when I want to see the stored passwords in FF by clicking the “Show Passwords” button in the Options | Security | Saved Passwords window, I have to enter my master password each and everytime.

      Maybe one of my other add-on’s already takes care of this problem?

      1. Martin said on January 6, 2011 at 12:24 am
        Reply

        Jojo, by default the master password has to be entered once per session. It is likely that you are using a different add-on. I assume that you have not closed the browser between tries.

        1. Jojo said on January 6, 2011 at 6:25 am
          Reply

          No, did not close the browser.

          There is a Show Passwords button at the bottom right. When I click it, I have to enter the master password.

          When the passwords are showing, that button changes to Hide Passwords.

          If I click the Hide Passwords button OR close the window and reopen it, I have to enter the master password again.

        2. Martin said on January 6, 2011 at 11:16 am
          Reply

          Jojo that sounds like an add-on. If you right-click the icon you may see the name.

        3. [email protected] said on January 6, 2011 at 9:04 am
          Reply

          Actually this is a security feature of the Firefox itself.
          If FF is already unlocked, clicking on “Saved Passwords” button in options will not ask for master password, however clicking “Show Passwords” in that window will lock up FF and ask you confirm the master password.

        4. Martin said on January 6, 2011 at 11:09 am
          Reply

          That’s strange Vano as it was not asking me for a second time when I tried it yesterday. I’m running the latest Minefield release, maybe that’s different there?

        5. [email protected] said on January 6, 2011 at 5:22 pm
          Reply

          That “feature” wasn’t changed in latest minefield nightly build. Basically every time user presses “Show Passwords” button (which is inside of “Stored Passwords” window), it will “forget” previously entered master password and ask it again. IMO this is a must-have feature and should not be changed…

        6. Jojo said on January 6, 2011 at 9:46 pm
          Reply

          Not true for me [email protected]

          Even if I have signed with my master password previously, anytime I click “Show passwords”, I ALWAYS get prompted for the master password.

    2. WillyWonka said on January 5, 2011 at 11:21 pm
      Reply

      I do not use this feature to Firefox, I prefer to type my password each time: it is a more secure procedure.

    3. [email protected] said on January 22, 2011 at 9:06 am
      Reply

      mmmm…that’s exactly what I said…what is not true? ;)

      1. [email protected] said on January 22, 2011 at 9:07 am
        Reply

        ops, was replying to Jojo (January 6, 2011 at 9:46 pm)

    Leave a Reply