<div dir="ltr">It may be old, but it appears that the overall weakness of Master Password to an attack like FireMaster is still there. We should fix it, even as we make Password Manager a cloud service and change expectations about security of your passwords. <br><br><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=825787#c1">https://bugzilla.mozilla.org/show_bug.cgi?id=825787#c1</a><br></div><div class="gmail_extra"><br><div class="gmail_quote">On Fri, Jan 9, 2015 at 11:18 AM, Peter DeHaan <span dir="ltr"><<a href="mailto:pdehaan@mozilla.com" target="_blank">pdehaan@mozilla.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div><a href="http://raidersec.blogspot.com/2013/06/how-browsers-store-your-passwords-and.html?m=1" target="_blank">http://raidersec.blogspot.com/2013/06/how-browsers-store-your-passwords-and.html?m=1</a><br><br></div>Just saw this today, but apparently it's ~18 months old (recent as of Firefox 21).<br><br><span style="font-size:large">Firefox</span>: <i>Difficulty to obtain passwords:</i><span style="color:orange;font-style:italic"> </span><span style="color:orange;font-style:italic">Medium</span><span style="color:rgb(106,168,79);font-style:italic">/</span><span style="color:red;font-style:italic">Very Hard</span><br></div>
<br>_______________________________________________<br>
Passwords-dev mailing list<br>
<a href="mailto:Passwords-dev@mozilla.org">Passwords-dev@mozilla.org</a><br>
<a href="https://mail.mozilla.org/listinfo/passwords-dev" target="_blank">https://mail.mozilla.org/listinfo/passwords-dev</a><br>
<br></blockquote></div><br></div>