James wrote:- are the passwords stored in encrypted form in the Firefox browser?
According to this page
, Mozilla's password manager is encrypted with 3DES in CBC mode.
I am not an expert on encryption, Don
is. However Don
is in his secret hiding mode still. Anyhow, I would guess that 3DES is not strong enough for Don
James wrote:- if the answer to the above is yes, then how would a manager like Roboform be any safer than Firefox, if we forget about additional things that Roboform offers such as form-fill?
Well, someone summed it up nicely.
Because the Firefox password manager is part of Firefox, it could be regarded as one-stop shopping for security crackers and their malware. You would be better protected if you used a password manager external to the browser to save passwords; access the appropriate password in the password manager, then type or copy it into the site’s login form yourself. Still, in absence of a separate password manager, this is better than using the same password across multiple sites.
However, if you are super-secret (or paranoid) like Don
, you probably won't trust a third party password manager, particularly the cloud version. It is quite likely that those cloud password managing services may have an agreement with Don
's US Government, allowing Government to have back-door access.
UserAgent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.7; en-US; rv:126.96.36.199) Gecko/20120306 AlexaToolbar/alxf-2.14 Firefox/3.6.28