<div dir="auto"><div><br><div class="gmail_extra"><br><div class="gmail_quote">Le 20 oct. 2017 1:22 AM, "Daniel Veditz" <<a href="mailto:dveditz@mozilla.com">dveditz@mozilla.com</a>> a écrit :<br type="attribution"><blockquote class="quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small">Security is annoying. I hate having to fumble for my keys with my hands full to get into my house, but I don't want to leave my house unlocked all the time either. The masterpassword is like that key -- if _you_ didn't have to use it then no one else would either.<br></div><div><br></div><div>-<div style="font-family:tahoma,sans-serif;font-size:small;display:inline" class="gmail_default">Dan Veditz</div><br></div></div><div class="gmail_extra"></div></blockquote></div></div></div><div dir="auto"><br></div><div dir="auto">With most password managers, you typically have a setting so that you're not re-prompted every single time. But once every 5 minutes, 1 hour and so forth. </div><div dir="auto">Once you've authenticated yourself, you've proven that you have access to the file.</div><div dir="auto"><br></div><div dir="auto">It seems reasonable to me that this authentication is valid for a set time. Or that the user be given that opportunity. </div><div dir="auto"><br></div><div dir="auto">We already have similar policies with our own login system. Bugzilla, Gmail, any of the SSO enabled sites. You log in once. The dual authentication is valid on that device for several days.</div><div dir="auto">You don't expect people to re-enter their credentials every time you consult a bug. </div><div dir="auto"><br></div><div dir="auto">There's no much point having strong security systems: if they come too much in the way of usability the user will stop using them. </div><div dir="auto">A compromise would be good. </div><div dir="auto"><br></div><div dir="auto">Ps: for what it's worth, when I get into my locked house, I don't relock it behind me while I'm inside. </div><div dir="auto"><br></div><div dir="auto"><div class="gmail_extra"><div class="gmail_quote"><blockquote class="quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="gmail_extra"><br><div class="gmail_quote">On Fri, Oct 13, 2017 at 6:42 AM, Friedrich Kuminek <span dir="ltr"><<a href="mailto:friedrich.kuminek@yahoo.de" target="_blank">friedrich.kuminek@yahoo.de</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hello!<br>
I would really appreciate an option, that you automatically login to any password-site without typing in the masterpassword beforehand. I really need the Masterpassword to secure my passwords under preferences. But always typing in the Masterpassword on every session is annoying. It is just my opinion and i just would like to give you a feedback. Anyways its just a small problem.<br>
<br>
Greetings<br>
<br>
______________________________<wbr>_________________<br>
firefox-dev mailing list<br>
<a href="mailto:firefox-dev@mozilla.org" target="_blank">firefox-dev@mozilla.org</a><br>
<a href="https://mail.mozilla.org/listinfo/firefox-dev" rel="noreferrer" target="_blank">https://mail.mozilla.org/listi<wbr>nfo/firefox-dev</a><br>
</blockquote></div><br></div>
<br>______________________________<wbr>_________________<br>
firefox-dev mailing list<br>
<a href="mailto:firefox-dev@mozilla.org">firefox-dev@mozilla.org</a><br>
<a href="https://mail.mozilla.org/listinfo/firefox-dev" rel="noreferrer" target="_blank">https://mail.mozilla.org/<wbr>listinfo/firefox-dev</a><br>
<br></blockquote></div><br></div></div></div>