Closed Bug 1127211 Opened 10 years ago Closed 4 years ago

OSX: Latest firefox has master-password disabled - enable impossible

Categories

(Toolkit :: Password Manager, defect)

Product:
Toolkit
Component:
Password Manager
Version:
36 Branch
Platform:
x86_64
macOS
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
RESOLVED INVALID

People

(Reporter: tomri, Unassigned)

References

Details

(Whiteboard: [passwords:primary-password])

Attachments

(1 file)

master-password toggle button off
27.46 KB, image/png
Details
User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:33.0) Gecko/20100101 Firefox/33.0 Build ID: 20141113143407 Steps to reproduce: Install firefox updates (to latest 35.0.1) and the master-password dialog is missing. The toggle-button for "enable" is off. firefox 33.1.1 works normal. Seems a problem in the binary-tree in OS-X /Applications/firefox. Remove the binary tree and replace with 33.1.1 everything is fine. ProductName: Mac OS X ProductVersion: 10.9.5 BuildVersion: 13F34 Actual results: No master-password used - no dialog. Master-password is set and valid. Can't trigger firefox to use the it after the update. Expected results: Normal behavior should be: Install updates, restart firefox and the password-dialog should pop-up. Toggle Button for "enable master-password" should be SET.
Severity: normal → major
Hardware: x86 → x86_64
works for me. presumably some add-on or malware is interfering in your case. try safe mode and/or a new profile.
works not for me. not in safe-mode nor any malware installed ;-) Do you come from windows?? I need the settings from my profile. So how to import the password-db, and the other settings, when try with new password? Why doesn't firefox works correct in the latest version, and in the version above it does? What has changed in the security settings? Using the old binary of firefox with the profile it works, with the new binary it doesn't - with the same profile. Some where are the debug- or trace-messages which say: hey, here's something wrong in the profile?? From the console: JavaScript error: resource://gre/components/crypto-SDR.js, line 85: NS_ERROR_FAILURE: Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsIPK11Token.initPassword] JavaScript error: , line 0: uncaught exception: Initialization failed JavaScript error: resource://gre/components/nsLoginManager.js, line 152: NS_ERROR_XPC_JS_THREW_STRING: Initialization failed'Initialization failed' when calling method: [nsILoginManagerStorage::initialize]
Mmhh, no FIPS 140 Krypto-, Key any more?? In the new version it is named "SW security module" and HW-version changed to 4.0 from 0.0. In the latest version I can setup a new profile, enable/set a master-password and then try to enable FIPS, but nothing happend when press the "Enable FIPS" button. (in German: FIPS aktivieren) I think the problem is about this modules and FIPS.
Maybe the same context: https://bugzilla.redhat.com/show_bug.cgi?id=230545 Browser Console output: NS_ERROR_FAILURE: Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsIStringBundle.GetStringFromName] XStringBundle:21
Strange to me, is that these *.chk files are missing in 35.0.1. I tried to set a master-password and try to enable FIPS mode, but nothing happens. https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_Tech_Notes/nss_tech_note6 Could you please verify if you could enable the FIPS mode?
So, tried on another OS-X 10.9 system with the same result. Enable FIPS-Mode doesn't work after setting a new master-password. Seems something in firefox 35.x has changed with FIPS and NSS or it is a bug.
Can't update to latest firefox with this kind of problem.
Severity: major → critical
Component: Untriaged → Security
Version: 33 Branch → 35 Branch
I tried FF 36 on OS-X 10.9.5 today: Problem still there.
Version: 35 Branch → 36 Branch
So version 33 works and everything newer does not work?
Flags: needinfo?(tomri)
This could be due to bug 1223979.
Status: UNCONFIRMED → RESOLVED
Closed: 9 years ago
Depends on: 1223979
Flags: needinfo?(tomri)
Resolution: --- → DUPLICATE
The original bug is about master-password, that has nothing to do with FIPS.
Status: RESOLVED → REOPENED
Ever confirmed: true
Resolution: DUPLICATE → ---

I have attempted to reproduce this issue on Mac OS 11.2 with an update from Firefox Release v72.0.2 to v85.0.2.
Previous to the update, I've set the master/primary password, saved a set of credentials for Facebook, and logged in to Sync.
After the update, the master/primary password request modal hasn't appeared as soon as the browser was relaunched, but appeared eventually, when attempting to interact with the browser.

Considering the above, I can safely say that I can't reproduce the originally described issue, which is the fact that the master password modal would not appear at all after an update. The original versions could not be tested for obvious reasons.

I will set this component and hope for some details from a developer who knows more about the primary/master password behavior.
Is my behavior described above the correct behavior?
Do you think I should be verifying something else in order to resolve this bug as WORKSFORME?

Component: Security → Password Manager
Product: Firefox → Toolkit

Sam? Can you provide an opinion on the previous comment?

Flags: needinfo?(sfoster)

(In reply to Bodea Daniel [:danibodea] from comment #14)

I have attempted to reproduce this issue on Mac OS 11.2 with an update from Firefox Release v72.0.2 to v85.0.2.
Previous to the update, I've set the master/primary password, saved a set of credentials for Facebook, and logged in to Sync.
After the update, the master/primary password request modal hasn't appeared as soon as the browser was relaunched, but appeared eventually, when attempting to interact with the browser.

Yes this is the expected behavior. We don't prompt for the primary password until it is needed. That can happen if you go to e.g. Facebook in this scenario and the password manager attempts to fill the saved login into the form. Or, it can happen when Sync syncs in the background after startup.

Flags: needinfo?(sfoster)
Whiteboard: [passwords:primary-password]

I'm marking this as invalid, as the expected results from comment #0 are not correct: the primary password is not some kind of lock on the profile, it is used to decrypt entries in the logins store. As such, we don't prompt for it until there is a need to read username/password details from the login store - by either displaying entries in about:logins, filling forms or syncing via firefox Sync.

Status: REOPENED → RESOLVED
Closed: 9 years ago4 years ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: