The last 9 years Firefox has not protected user passwords carefully

A network security researcher recently discovered that during the past 9 years, Firefox has stored user passwords with an outdated process.

The last 9 years Firefox has not protected user passwords carefully

A new cyber security researcher found that during the past 9 years, Firefox has stored user passwords with an outdated process and can be hacked by GPUs in less than 1 minute.

Both Firefox and Thunderbird allow users to set up Master Pasword for greater security, using the SHA1 style code (which is easy to crack) over the past 9 years.

This problem was discovered by Wladimir Palant, the author of the AdBlock Plus extension. But it is worth mentioning that Wladimir mentioned this issue 9 years ago but was not overcome by Mozilla.

The last 9 years Firefox has not protected user passwords carefully Picture 1
The password stored on Firefox turned out to be not safe at all

Palant said: 'I look at the source code and finally find the sftkdb_passwordToKey () function to switch from the password (website) to the encoded character string (key) using the SHA1 code with 1 string of your password and 1 random string. Anyone who has ever designed a login function for a website will see the problem here . '

Palant reiterated the problem and Mozilla said it would fix it when it released a new password management tool, Lockbox. In the meantime, Firefox users who want to secure their data should use a longer and more complex password.

See more:

Why should you turn off the Autofill feature in the password manager?
3 golden rules to avoid fake attacks
How to use password management Lockbox in Firefox Quantum

Trojans taking advantage of Firefox save user passwords
newly discovered firefox trojan indicates firefox browser 'force-force' to save user passwords ...
How to export and delete saved passwords in Firefox
the firefox browser comes with a built-in password manager called lockwise, which is well reviewed. but if you have a need to switch to a dedicated third-party password manager, it's best to export and delete all the passwords you have saved in firefox.
How to manage passwords on Chrome, Coc Coc, Edge, Firefox browsers
currently, web browsers have integrated the feature of remembering accounts and passwords of user accounts in community forums. it helps users now no need to remember the account as well as the password. however, that's why we sometimes forget the password we set
How Linux stores and manages user passwords
are you wondering how linux effectively manages a multi-user environment? in this article, tipsmake.com will explain how linux stores and manages user passwords and login information.
Ways to break passwords, remove passwords of PDF files most effectively
sometimes we have to work with password-protected pdf files and it takes a lot of time to open passwords and even break passwords because we can't remember them. however, any problem has a solution, as long as you find the right direction to handle it.
Google acknowledges storing user passwords in plain text for 14 years
the technology firm said it had discovered a security vulnerability that could cause the account password of a large number of g suite users to be saved as plain text.
Password management problems in IE and Firefox (The last part)
internet explorer and firefox have shared nearly 95% of all browsers. each browser has its own features to support users by remembering different usernames and passwords as an authentication for pages w
How to delete Firefox account
mozilla firefox uses a firefox account to synchronize passwords, bookmarks and browsing data, among your devices. suppose for some reason, for example, you do not want to use firefox browser anymore and want to delete your account to delete all personal data from firefox servers.
Firefox offers the same security features as the Tor browser
mozilla engineers have borrowed a feature from the tor browser and will upload it to firefox 58, without saving the user's footprint with html5 canvas.
Why is Firefox faster, uses less memory and still can't win Chrome?
if you do not believe that firefox is on a recession, may be wiped out in the next few years, firefox's cto andreas gal has proofs to show you.
How to synchronize data bookmarks, passwords, browsing history, open tabs in Firefox
one of the features that firefox has that other browsers cannot have is the ability to synchronize in real time.
Backup and restore passwords on Firefox
instructions to use the pasword exporter to backup and recover passwords on firefox.