Firefox 69 gets a password generator
Mozilla is working on a new feature for the Firefox web browser that helps users generate random secure passwords when they create new accounts on the Internet.
The feature is part of a concentrated effort to make the password manager of the Firefox browser more useful. Mozilla launched a first batch of improvements in Firefox 67 which it released on May 21, 2019 to the public. Among the new features were options to save passwords in private browsing mode and support for an authentication API.
Mozilla released Firefox Lockwise, a password manager companion app for Android, iOS and desktop systems recently as well. Firefox Lockwise on mobile brings all saved Firefox passwords to the mobile device and supports options to sign-in globally using these passwords.
Mozilla plans to introduce a password generator in Firefox 69. The password generator would work in conjunction with Firefox's built-in password manager.
Firefox suggests a password during registration processes on Internet sites. The process works on sites that use the autocomplete="new-password" attribute currently only but will work on password fields that don't use it as well in the future. (thanks Sören)
Firefox displays a "use generated password" option when the password field is activated. Selection of the password adds it to the field and saves it automatically under saved logins. The password is saved there even if the registration is ended prematurely.
The new password generator of Firefox is not enabled by default in Firefox Nightly. It is controlled by an advanced configuration option that Firefox users may set to on or off to allow or disable the functionality.
- Load about:config in the Firefox address bar.
- Confirm that you will be careful.
- Search for signon.generation.available.
- Set the preference to True to enable the password generator or set it to False to disable it.
Firefox 69 has a preference in the regular settings to control the password generator.
- Load about:preferences#privacy in the Firefox address bar.
- Scroll down to the logins and passwords section.
- Suggest and generate strong passwords determines whether Firefox's password generator is turned on or off. Check it to turn it on, or uncheck it to turn it off.
Firefox 69 is scheduled for a September 3, 2019 release.
Closing Words
The password generator comes without any configuration options at this point; it is not possible to change important parameters such as the password length or charset. Still, the introduction is a step in the right direction as it assists users who use Firefox's built-in password manager with the generation of passwords that are more secure than the average passwords that users choose when they create accounts on the Internet.
Google Chrome supports password generations as well but only if sync is enabled.
Now You: Do you use a browser's built in password manager or a third-party solution?
Not yet installed
PW Gen is not available on FF 69.0 for Mac. :-(
Try this one: https://addons.mozilla.org/firefox/addon/pasa-password-generator/
pwgen works
For business purposes, storing certain information (such as password storage and history) in the browser is prohibited (Deactivated). In the case of Private, it is the result of what I do right now.
As a result, I have no experience using the browser’s password management function (generation and storage) and in addition, I have acquired the knowledge of risk management.
For personal use, I use “KeePass 2.x” which can be managed locally and has high functionality, and also add plugins (Favicon Downloader, HIBPOfflineCheck, KeePassHIBP) .
However, since the actual situation of the end user of Ichii does not go out of the recognition level of “indifferent to password management and operation is troublesome”, it may be necessary to incorporate a password manager with basic generation function into the browser I will.
For them, the gospel may come, but if trouble occurs (even if the user is careless), it could trigger Firefox to lose trust.
So, another “feature” that cant be turned off?
It can be turned off as described in the article.
Well done Mozilla. Only 30 years late but an absolutely critical and logical feature that cannot be criticised, really. Great to see useful features are being focused on.
KeePass all the way for years and years, Keepass Tusk recently.
I’ve never used the current password manager. Is it safe to use?
@Anonymous:
I’m unaware of any particular security problem with it. I don’t think the passwords are encrypted unless you set a master password, though, but I’m not 100% sure about that.
This feature’s nice for those who use the built in password manager.
For everyone else though, ¯\_(ツ)_/¯.
Yep, my reaction too. For me, I use LastPass Free as the password manager and then use:
https://www.dashlane.com/features/password-generator
with Length set to 28 or higher.
Websites that don’t accept proper complex passwords don’t deserve to hold your data.
This might help FF gain market share among the general public. It makes sense, if Mozilla wants to build its brand as “the secure and private browser for everybody”, as opposed to all others which are supposed to infringe upon your privacy.
However, I myself would never entrust my passwords to a browser. A password manager is designed to be as closed as possible to outside influence. A browser is designed to be the opposite. Both approaches don’t mix well.
There is only one problem: Firefox isn’t the most privacy-respecting browser. Not by a long shot. Brave and Ungoogled Chromium are easily better in this regard.
@Iron Heart:
How are Brave and Ungoogled Chromium better?
“Do you use a browser’s built in password manager or a third-party solution?”
I use a third-party solution on my phone, because I use many different machines with different browsers, and I use my password manager to store passwords for more things than just the web.
I also like having my password manager to be standalone so I can firewall it off from the internet.