First look at Firefox Lockbox for Android
Firefox Lockbox is a new password manager for Android by Firefox-maker Mozilla designed to provide Firefox Account users with easy access to saved passwords.
Firefox Lockbox is not a typical password manager. While it shares some functionality with apps like LastPass or Bitwarden, it is more restrictive when it comes to the functionality it provides.
Mozilla launched Firefox Lockbox for Apple's iOS operating system in 2018 already, and an alpha extension for desktop Firefox browsers in late 2017.
Basically, what it does is make available passwords saved by a Firefox Account. Setup is quite easy: all you do is install the Firefox Lockbox application on your Android device and run it after the installation completes.
Tap on get started, and sign in to a Firefox Account. Firefox Lockbox syncs all stored passwords automatically and displays all in list form in the interface.
Tip: You may want to disable the sending of usage data in the Settings.
You can copy the username or password, or open the linked URL.Â The app locks itself automatically after five minutes, and you may enable auto fill to let Firefox Lockbox fill in logins automatically if the app supports that.
Firefox Lockbox does not support any password management options. You cannot create new password entries, edit existing entries, or access other information that may be attached to a record.
Who is this for?
Firefox Lockbox displays Firefox Account passwords in a separate application on Android; this is not really that useful on first glance as most Firefox users probably have the browser installed on the Android device as well. They could simply open Firefox and copy the saved username or password from the browser instead.
Autologin functionality is what differentiates Firefox Lockbox from using Firefox for that. Users need to enable it, on the other hand. Firefox Lockbox locks itself automatically which is another differentiating factor.Â Whether that is enough to justify the installation remains to be seen, especially since it is easy enough to open Firefox if installed on the device to access the passwords that way.
Firefox Lockbox is a specialized application to access saved usernames and passwords of a Firefox Account, and to sign in to applications on the mobile device using stored passwords. The app cannot be used without a Firefox Account or an instance of Firefox, and provides a read-only view of the data.
Now You: What is your take on Firefox Lockbox?
>sending of usage data
2/10, for the effort
First time using internet?
Half-baked at best. Anyway, I’m strongly opposed to anything that conflates the browser and password management. The latter is 100 % security-driven, while the whole point of a browser is allowing other peoples’s computers to do things on your own (and often monetizing a bunch of things in the process).
Password management is one thing, a browser is a thousand things at the same time — and a huge profile where all personal data are dumped together. Nope. I’m not having any of it.
Mozilla seem to like put ressources on useless thing while while neglecting their core products (Firefox desktop/Android) which have plenty of bugs to work on.
1) You can’t put the same employees to work on Firefox bugs that you can put to work on something like this.
2) This is very much supportive of their Android core-product, which is right now seeing a major rewrite and will probably not have password sync in its initial public version.
This new version is likely to coexist for a while with the old Firefox and I expect Sync to be implemrnted before it actually replaces the current Firefox For Android, but I expect many people will gladly jump through hoops like Lookbox to be able to use the rewrite. The performance is just a lot better.
3) Not everything is about core products. Firefox Focus is also pretty big and does not have Sync support, so it will also definitely benefit from this.
When your main product, the only one you’re very well known for, starts sinking, and oh boy it did in the past few years at an accelerated rate, you kind of start throwing all sorts of things at the wall in the hope some will stick.
Desktop Browsers are just about Dead. its all Mobile Nowadays
Nope. Some people actually work in companies. You know, entities with things like offices. There, they have things called computers. There are many things you cannot do peeking at a teeny-weeny pocket screen.
PASSWORDS aren’t safe to be sent on the cloud. Most of these password-related applications are snake oils or real botnets. Passwords are meant to be stored in encrypted files, locally only and blocked from the net…
because they are passwords :)
Ridiculous claim with no supporting evidence whatsoever. For the record, Troy Hunt, a world-class security expert, who makes a living teaching proper Internet practices to businesses, is himself a user of 1Password, one of the best-known cloud password-managers out there.
Putting passwords in the cloud is not different from using the Internet, really, provided you do encryption and security properly. Everything you do on the Internet is “in the cloud”.
To be consistent with your theory, you should avoid email altogether (your account is in the cloud, and protected by a password), e-commerce… pretty well anything.
Appeal to authority. “Experts” made livings teaching kids that cigarettes are good for you. Must be true, because some famous guy with a fancy title said so.
KeePass is more secure than 1Password.
Yeah, because you can’t make the difference between “some famous guy with a fancy title”, which Troy Hunt certainly isn’t, and an actual expert, who knows much more than you in a specific field.
That attitude is called ignorance, basking in it, and arrogance.
The difference between Troy Hunt and you is that Tory Hunt actually accomplished something in the field of computer security, and helped an awful lot of people being more secure over the Internet ; and that when he recommends a course of action, he does not just say “Kee Pass is more secure than 1Password” (or the other way round), which is a stupid thing to say : he explains why he thinks so.
Also, “security” is not the only desirable aim in computing. Getting things done is actually the first. Security comes second.
Do you make a living teaching computer security to businesses all over the world ? Do people part with their money to hear you say “Kee Pass is more secure than 1Password” ? I wouldn’t think so.
How do I log into my Gmail without sending my password to the cloud?
You can’t. Gmail is “the cloud”. “The cloud” is just another word for the Internet.
Cloud is mainly 3rd perty server storage. There are many examples of bulk passwords stolen from unmitigated databases.