Password Text Export Feature Coming To Firefox

June 12, 2020

Written by wukovits

Mozilla’s Firefox browser, like most modern browsers, has a built-in password management feature that allows you to save passwords for sites you log into on a regular basis. Since the browser stores the information, that’s one less thing you have to remember. That allows you the convenience of one click access to the sites you use frequently, unless you’ve enabled two-factor authentication (and you should, if you haven’t already!).

Recently, the folks at Mozilla have announced a change that’s coming soon. Depending on who you are, the newly announced feature can be seen as a very good, or a very bad thing.

Firefox 79, the Nightly build, allows users to export saved credentials as plain text into a CSV file.

On the surface of it, that’s very good news. That’s because if you use multiple devices and want to create a way to manage your passwords across them and across multiple platforms, having a handy text-based file is a good option that adds both value and convenience.

It is not without risk, however. Consider what could easily happen if someone compromises your machine. It would be a trivial matter for them to convert all of your stored passwords to plain text, then exfiltrate the CSV and gain access to everything you touch. That’s grim.

To at least partially counter this, the Firefox development team has built in a requirement that users must enter their Windows password before the export process completes. Apple and Android users are out of luck on this front.

On balance, this feels like a move in the wrong direction. While it’s certainly true that the new feature offers some advantages, it seems that the risks far outweigh those. If you use Firefox, this might be a reason to consider migrating to a different browser, especially if you use an OS other than Windows 10.

Used with permission from Article Aggregator

Related Articles

Some Amazon Device Features May Have Security Risks

Have you heard of Amazon Sidewalk? If not, it's definitely something you should be aware of. Depending on your point of view, the new feature, which was enabled by default on a wide range of Amazon devices by default on June 8 of this year (2021) is either...

Email Unsubscribe Scam Can Easily Fool Any User

Scammers are increasingly relying on a tried and true bit of social engineering to fool unsuspecting users into unwittingly signing up to receive a flood of additional spam email. They accomplish this by blasting out an email asking recipients if they wish to...

Update VMWare Software Immediately To Avoid Possible Attack

The US Cybersecurity and Infrastructure Security Agency recently issued a warning to all companies running VMware Vcenter Server and VMware Cloud Foundation. They are asking them to download and apply the latest security patches as soon as possible because attackers...

Send us a message

Your message was sent.

Thank you for contacting Bayou Technologies. We'll be in touch soon!

Need help? support-icon