webextension vs. master password timeout
grinapo+mozilladev at gmail.com
grinapo+mozilladev at gmail.com
Tue Aug 1 12:57:50 UTC 2017
Hello,
There are some addons for a master password timeout feature (which, in
turn, seems to be an obviously compulsory feature, but that's for
another day), which has been killed as most of the useful addons around
("not multiprocess compatible", "LEGACY").
I checked the code and it's, like, 1 line:
Components.classes["@mozilla.org/security/pk11tokendb;1"]
.getService(Components.interfaces.nsIPK11TokenDB)
.findTokenByName("").logoutAndDropAuthenticatedResources();
I'm no addon dev, so I have tried to search for anything password
related (being curious about the future of Saved Passwords Editor addon
as well), but unfortunately found nothing.
Your experience and wisdom is required.
Which API is supposed to:
- expire the master password?
- expire http auth password?
- manipulate the password database?
(Please refrain from telling me to use something else, unless you back
it up by real security-related facts, I mean those who insist MP is
insecure but fail to detail how, apart from their personal taste. The
question is about solving a problem, not avoiding it.)
Thanks,
Peter
More information about the Dev-addons
mailing list