How to create Firefox Account Recovery Keys
Firefox users who use a Firefox Account to sync data between devices and the cloud use a combination of a username and a password for authorization. Users may enable two-step authentication to improve security further.
The password is used to encrypt the data so that it is protected from any prying eyes. Even Mozilla, maker of Firefox and operator of the cloud storage where all the bits are stored, has no access to the data.
Considering that synced data may hold important and valuable information, such as account passwords, the browsing history or bookmarks, it is of utmost importance that only the owner of the data has access to it.
Firefox users who forgot the password up until now had no option to recover the data. While guessing might have worked for some to regain account access, most probably did not have luck using guesses.
Firefox Accounts -- account recovery
Mozilla unveiled an addition to Firefox Accounts on September 27, 2018 that adds an account recovery option to the service.
Account Recovery generates a recovery key that Firefox Account owners may supply when they forget the account password and can't sign in to the account anymore because of that.
Recovery Keys work pretty much as you'd expect them to: you need to generate them on the Firefox Account website and store them in a safe location. You can use the recovery key when you run into login troubles to restore access to the account even without supplying the original account password.
The password gets reset and you may access the data once again after the operation to sync data between devices.
How to set up a recovery key
It takes only a couple of steps to create recovery keys for Firefox Accounts. Note that you can do so only if you can still access the Firefox Account website. While you can open the Firefox Account page without signing in again if you are signed in to the account in the browser, creation of a new recovery key requires that you re-enter the account password.
If you are signed out of all devices, however, there is no such option available anymore.
- Load about:preferences#sync in the Firefox web browser.
- Select "Manage Account" to open a new tab on the Firefox website that displays account related information.
- Or, visit https://accounts.firefox.com/ directly and sign in there.
- Select "Enable" next to Account Recovery on the page.
- Note: if you don't see the Account recovery option on the page yet add &showAccountRecovery to the address to make it visible.
- Click on the Generate button to generate a new account recovery key.
- Type the account password to confirm ownership. Without it, anyone with access to the browser could generate a recovery key.
- The recovery key is displayed on the screen. You can download it, print it, create a screen capture, memorize it, or copy and paste it.
Note: You will notice some changes the next time you access the Account Recovery options:
- The enable button has been replaced with a change button.
- The generate button is not available. You get a revoke button to delete the previously generated key.
A recovery key can only be used once. It expires automatically when it is used and it is necessary to generate a new recovery key if you want to use it as an account recovery option.
The generation of a recovery key for a Firefox Account is completely optional. Users who don't want to generate these keys don't have to do anything; those who like the idea of a safeguard can do so.
It is important to store the key in a safe location such as a password manager, safe, or in an encrypted container as anyone with access to it may gain full access to the Firefox Account data.Advertisement