Firefox's New Form Autofill is awesome

Martin Brinkmann
May 24, 2017
Updated • May 23, 2017

Mozilla is working on a new form autofill system in the Firefox web browser that will replace the current system eventually.

Form autofill is a handy feature, as it allows users of the browser to fill out form fields automatically. The current implementation uses frecency (frequency + recency) for that, and has been part of the browser since 2009.

Firefox displays suggestions when you type in a form field. It displays a sorted list of options for the field, and filters them once you start typing.

The new form autofill that will launch later this year in Firefox changes this mechanic. Basically, what it does is use profiles to fill out all matching fields on the form immediately, instead of just a single field.

Instead of having to fill out each field of the form individually, you'd simply pick one of the available profiles to fill out all fields at once.

Note: The feature landed in Nightly. It is a work in progress, and things may change. You can give it a try right now if you run Nightly, but some things won't work properly right now.

Setting up the new Form Autofill in Firefox

The new Form Autofill requires that you set up at least one profile in Firefox. The browser picks those up automatically, and you can select them on a form by form basis if you have added multiple profiles to the browser.

Step 1: Open the Privacy options

setup firefox autofill profile

Load about:preferences#privacy in the Firefox address bar. This opens the privacy preferences of the browser. Locate the "forms & passwords" section on the page.

Make sure that "enable profile autofill" is enabled. Click on saved profiles to manage the profiles.

Step 2: Add or edit profiles

setup firefox autofill profile

Firefox lists all profiles that exist on the page that opens. You can add, remove or edit profiles here. Click on the add button to create a new profile in the Firefox web browser.

Step 3: Fill out profile information

setup firefox autofill profile

The next page lists the fields that are currently available for profiles. You can fill out some or all of them.

Some restrictions apply currently. Only the United States is supported under Country for instance, some fields are missing, and data transformations for some types are not supported either.

Click on the save button once you are done. Firefox takes you back to the list of available profiles. You should see the new profile listed there, and may click on edit at any time to change data, or remove to delete it completely.

The future

Mozilla notes that the new autofill functionality won't work on most sites right now, as it is currently limited to forms that support the @autocomplete attribute on <input> elements. This will change soon when heuristics are added to determine the right field types when @autocomplete is not supported.

Mozilla plans to ship improvements soon. These include, among others, options to save data to profiles when you fill out forms, a preview of all data when you highlight a profile, and support for select dropdown fields.

Closing Words

I'm looking forward to this new autofill functionality of the Firefox web browser. I wish Mozilla would add support for custom fields as well, to make the system even more flexible than it is right now.

You can follow development on the official Form Autofill Wiki page on the Mozilla website.

Now You: do you use form autofill regularly, at all?

Firefox's New Form Autofill is awesome
Article Name
Firefox's New Form Autofill is awesome
Mozilla has been working on a new form autofill system in the Firefox web browser that will replace the current system eventually.
Ghacks Technology News

Tutorials & Tips

Previous Post: «
Next Post: «


  1. aga said on May 15, 2020 at 9:42 pm

    I have Firefox 63 and don’t see that option under Forms & Passwords , where it is?

  2. Джордж said on May 25, 2017 at 11:09 pm

    Awesome like Opera almost… 15 years ago?

  3. ilev said on May 25, 2017 at 8:11 am

    Autofill is never awesome. Its a security hazard

  4. aiden said on May 24, 2017 at 11:13 pm

    a useless feature when Mozilla have soooooo many bugs that need fixing that are getting ignored.

  5. Clairvaux said on May 24, 2017 at 9:54 pm

    Security model of American cop Michael Bazzell, turned privacy consultant :

    1. Identifiers of non-critical Web accounts (forums, media sites…) are stored in the cloud under Last Pass.
    2. Identifiers of valuable Web accounts (Amazon, secondary email accounts…) are stored locally under Kee Pass.
    3. Identifiers of top sensitive accounts (personal email and bank account) are stored exclusively in Bazzell’s head.

    1. Tom Hawack said on May 25, 2017 at 10:52 am

      Private eyes of the past are now private ears as well!

      This 3-level approach is interesting, appropriate. Nevertheless concerning (3) we all know that a brain’s memory cannot recall complex digital patterns, not to mention many of them. I cannot remember 1 (one) single 32 alpha-numerical-custom character password! I hope Mr. Bazzell doesn’t have too many so called sensitive accounts.

      Also, off-topic, the paradox of knowing a secret. On one hand, If you don’t know it you’ll never be able to confess it, but under torture will you regret not knowing it? Strength of spirit includes, I guess, being aware of ourselves to the point of anticipating our own weakness.

      – Gimme that password or we’ll block your access to gHacks.
      – No, no, not gHacks, please, I tell you, I don’t know the code!

      I’ll investigate on this Michael Bazzell case, an Italian-sounding name as the famous Serpico of the seventies!


  6. Tom Hawack said on May 24, 2017 at 6:48 pm

    I never use whatever autofill feature, except for logins. I may be excessively cautious, led by an old fashioned way of seeing things, but I happen to dislike my personal data available anywhere else then on an encrypted application which is not, never, the application requiring the data. And when it comes to name, address and other personal matter, I have it in mind as well as my age (I’m even able to computerize this dynamic data). The general idea here is “the less possible on local, less then the less possible with data transfer”. That’s how it goes nowadays, far from my Web’s first years’ gullibility.

    I don’t understand the very pertinence of this ultimate assistance provided on electronic devices. The way it’s going it’ll soon be “Breath and we’ll take care of the rest”. Get off of my back, period.

    1. jern said on May 25, 2017 at 3:48 am

      @Tom Hawack
      You write…The way it’s going it’ll soon be “Breath and we’ll take care of the rest”.

      That reminds me of the runners prayer – God, if you’ll lift my feet, I’ll put them down.

      I watched The Matrix the other day. I was surprised how prescient the movie seemed to be. Soon, technology will not need us except as a power source.

    2. Henk van Setten said on May 24, 2017 at 9:24 pm

      I do agree with Tom Hawack and Clairvaux, but I do go a small step further in that I don’t want to use any kind of password manager software, neither with local nor with cloud storage. These useful little helpers give intruders just a little too many clues where exactly your data may be located, and if someone has managed to open your browser with your profile, your data are open as well.

      For myself, to keep matters as much as possible in my own private hands, I put my login data, adress data and other frequent stuff in an encrypted and masked (so very-hard-to-spot) local text file. I open that file to manually copy-paste strings from there. Sounds cumbersome, I know, but once it’s properly set-up and you’re used to the routine, it’s all a matter of a few clicks.

      Things like (for example) my bank user name and password, or my private phone number, or my actual street adress, I would never put in any kind of cloud-based or local Firefox browser profile where they would be very easy to locate, and potentially easier to decrypt as well.

      Warning: obviously, my setup is still not safe if you also happen to run some kind of clipboard manager that saves all copied-pasted strings from the current or last session(s). A thing like that would kind of defeat the whole idea.

      1. Tom Hawack said on May 24, 2017 at 9:52 pm

        Basically I agree. But as always, in between principles and their total lack there is the in-between, in other words the best compromise (as considered by each of us) between security/privacy (the principles) and their feasibility, on the long-term (human nature sometimes relaxes!) but especially with a great amount of data.

        Let’s forget the data related to autofilling since it resumes to little, most of the time. I’m focusing more particularly on logins, that is a name or email address plus a password.

        If you have either few logins, or all based on childish easy-to-remember-all-the-same roots, or many which stay alive (you seldom logout) then there’s not much of a problem.
        But if you have dozens, hundreds sometimes of login credentials, if you log out, if you clean cookies then you’re bound to face difficulties if your data storing policy is to handle everything manually.

        That’s why I make an exception for logins. All my passwords (to the extent of the site’s own limits) are 32 character alpha-numerical + custom, I just cannot remember them all. Considering that moreover any disclosed data never survives at most the end of a session (except 2 search engine related cookies), considering that I wouldn’t survive a nervous breakdown initiated by having to copy paste logins on every session if not several times within one session… well, I do need an automatic filler.

        But but but … it’s a compromise. We live more easily with compromises and die more quickly as well. I won’t drive drunk but one more beer with friends or not? That’s the topo, and the equilibrium, the balance, the critical point is always personal. When do I exagerate, when do I under-estimate? Not easy to find the best optimization I guess.

      2. Clairvaux said on May 24, 2017 at 9:43 pm

        Henk van Setten,

        Many clipboard managers (make it all clipboard managers worth their salt) will have a function enabling you to exclude specific applications from copying.

        For instance, I have customised Phrase Express to never grab field contents copied from Kee Pass. This allows me to avoid defeating the privacy features already embedded in Kee Pass copy and paste function (volatile clipboard, scrambling of user names and passwords when pasting in browser).

        (Phrase Express is a very interesting German automation program which includes a clipboard manager — but it does much more than that : it’s a text expander combined with a macro program. It’s free for non-commercial use, but bear in mind that customer support staff are downright rude and totally unhelpful if you’re not a paying customer.)

    3. Clairvaux said on May 24, 2017 at 7:39 pm

      Exactly. Even for logins. Anything pre-recorded in the browser is one step away from being stolen.

      I do auto-log, but I do it from Kee Pass, with data safely stored locally and nowhere else, so there’s one degree of separation from the browser. No plug-ins to Kee Pass either, in order to automate log-in. Either do it manually (there’s a command in Kee Pass to activate a sequence of user name + password, or anything else which might be appropriate to that specific website), or there’s an even more automated way of doing things, which I haven’t tried.

      That being said, the present Firefox feature seems indeed impressive and useful, if it’s implemented right.

      I wouldn’t mind automatically logging to Ghacks, for instance. It’s different from logging into a bank site or a government site.

  7. Croatoan said on May 24, 2017 at 4:25 pm

    I used Last Pass form fill for registering on websites (temp email). But when I found out Bug Me Not extension I don’t remember last time that I used form fill.

  8. earthlng said on May 24, 2017 at 3:29 pm

    Martin: “I wish Mozilla would add support for custom fields as well”

    custom fields could be dangerous if someone thinks adding fe. a “credit card number” field would be a good idea, and then have it stolen thanks to something like this: //

  9. Thorky said on May 24, 2017 at 3:09 pm

    I don’t need that at all. Is this feature save enough for purposes on the internet? Or is it just another door to sneak silently into my data-privacy?

    1. Erald McKnight said on May 24, 2017 at 11:41 pm


Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.