Closed
Bug 1288871
Opened 9 years ago
Closed 4 years ago
Fennec should offer to fill in passwords for other Android apps
Categories
(Firefox for Android Graveyard :: Logins, Passwords and Form Fill, defect, P5)
Firefox for Android Graveyard
Logins, Passwords and Form Fill
All
Android
Tracking
(Not tracked)
RESOLVED
INCOMPLETE
People
(Reporter: blassey, Unassigned, Mentored, NeedInfo)
References
Details
Attachments
(1 file)
|
25.29 KB,
patch
|
Details | Diff | Splinter Review |
Sebastian, what do you think? I don't know if you have any time for this, but it might be nice to put it into Nightly and see how well it works. Can you give the patch a once over?
Flags: needinfo?(s.kaspari)
|
||
Comment 2•9 years ago
|
||
That's pretty cool! Currently I can't find the time to push this over the finish line, though.
@barbara: Is this something you would like to add to your roadmap? I'd be happy to mentor this.
Mentor: s.kaspari
Flags: needinfo?(s.kaspari) → needinfo?(bbermes)
|
||
Comment 3•9 years ago
|
||
great PoC.
Some comments, clean-up suggestions
- location in settings, currently under general, might be better to place it under privacy->logins
- we need to be extra cautious and transparent when explaining to the user how to enable it and what benefit it brings (UX, NI Anthony), e.g. why turning on/allowing Accessibility requests etc. (audience is not the smart lastpass user who knows what kind of permissions are required)
- put some telemetry in there, permission funnel, accept/reject
- still nice to do this work in parallel to auto fill
- make sure it works with the Google/FB OAuth alikes
- what if user changes password on the web for open table? how can we make sure to update this in the app as well.
Possible user journey:
- user logins to website / service on Desktop that they just discovered, e.g. open table, using Firefox with sync enabled
- next time they open Firefox on Android with pwd sync enabled, we could figure out if they've added a new login to their login manager, (even check if it's a popular one like open table) and suggest to enable this feature for them)
- at some point, user picks up mobile device to install open table app (assuming user has FF on Android + sync, and fill passwords enabled)
- as soon as user tries to fill out password, it asks them if they want to use the FF stored credentials (pwd).
I've created an Aha card to track this (https://mozilla.aha.io/features/FENN-519)
+ NI Peter to keep him in the loop and get his opinion.
Flags: needinfo?(pdolanjski)
Flags: needinfo?(bbermes)
Flags: needinfo?(alam)
Flags: needinfo?(adavis)
|
||
Comment 4•9 years ago
|
||
Cool idea.
Would we be able to do the opposite too. Save app passwords for use on websites?
Flags: needinfo?(adavis)
|
||
Comment 5•9 years ago
|
||
(In reply to Barbara Bermes [:barbara] from comment #3)
> great PoC.
>
> Some comments, clean-up suggestions
> - location in settings, currently under general, might be better to place it
> under privacy->logins
> - we need to be extra cautious and transparent when explaining to the user
> how to enable it and what benefit it brings (UX, NI Anthony), e.g. why
> turning on/allowing Accessibility requests etc. (audience is not the smart
> lastpass user who knows what kind of permissions are required)
> - put some telemetry in there, permission funnel, accept/reject
> - still nice to do this work in parallel to auto fill
> - make sure it works with the Google/FB OAuth alikes
> - what if user changes password on the web for open table? how can we make
> sure to update this in the app as well.
Agree, this sounds like a great start. But we should think about the overall UX more as well.
Is there a build I can try for myself somewhere?
|
|
||
Updated•9 years ago
|
Flags: needinfo?(alam)
|
Reporter | |
Comment 6•9 years ago
|
||
(In reply to Alex Davis [:adavis] from comment #4)
> Cool idea.
>
> Would we be able to do the opposite too. Save app passwords for use on
> websites?
We can do that, just a matter of UX. We can also offer to generate passwords for people.
Anthony, did the try build I posted in the first comment work for you?
Flags: needinfo?(alam)
|
||
Comment 7•9 years ago
|
||
(In reply to Brad Lassey [:blassey] (use needinfo?) from comment #6)
> (In reply to Alex Davis [:adavis] from comment #4)
> > Cool idea.
> >
> > Would we be able to do the opposite too. Save app passwords for use on
> > websites?
>
> We can do that, just a matter of UX. We can also offer to generate passwords
> for people.
How are we going to get passwords from 3rd party apps? The Android security model should prevent this. Facebook would be rightfully pissed if any app could extract the saved Facebook login from the Facebook app.
|
|
Reporter | |
Comment 8•9 years ago
|
||
(In reply to Kevin Brosnan [:kbrosnan] from comment #7)
> (In reply to Brad Lassey [:blassey] (use needinfo?) from comment #6)
> > (In reply to Alex Davis [:adavis] from comment #4)
> > > Cool idea.
> > >
> > > Would we be able to do the opposite too. Save app passwords for use on
> > > websites?
> >
> > We can do that, just a matter of UX. We can also offer to generate passwords
> > for people.
>
> How are we going to get passwords from 3rd party apps? The Android security
> model should prevent this. Facebook would be rightfully pissed if any app
> could extract the saved Facebook login from the Facebook app.
When there is a password field focuses we can have some UX (notification bar, overlay dialog) that asks "would you like to save this password?" or "would you like to generate a password for this app?". Stand alone password managers do this already, so I can't see Facebook getting grumpy about Firefox doing it.
|
||
Comment 9•9 years ago
|
||
IIUC, Google in the process of releasing an open protocol called OpenYOLO that will allow credential sharing with things other than the Chrome password store.
This is a less than ideal link, but:
https://blog.dashlane.com/dashlane-google-open-source-api/
We're also in contact directly with folks at Google about this. Barbara might have more details.
|
|
||
Comment 10•9 years ago
|
||
(In reply to Brad Lassey [:blassey] (use needinfo?) from comment #6)
> (In reply to Alex Davis [:adavis] from comment #4)
> > Cool idea.
> >
> > Would we be able to do the opposite too. Save app passwords for use on
> > websites?
>
> We can do that, just a matter of UX. We can also offer to generate passwords
> for people.
>
> Anthony, did the try build I posted in the first comment work for you?
I just tried it again and I'm getting a 404 error. Could I get a "Fennec Blassey" build to test ? :) or even screenshots could help!
Flags: needinfo?(alam)
|
|
Reporter | |
Comment 11•9 years ago
|
||
|
||
Updated•8 years ago
|
Component: General → Logins, Passwords and Form Fill
OS: Unspecified → Android
Hardware: Unspecified → All
See Also: → 1410996
|
||
Comment 12•7 years ago
|
||
Re-triaging per https://bugzilla.mozilla.org/show_bug.cgi?id=1473195
Needinfo :susheel if you think this bug should be re-triaged.
Priority: -- → P5
|
||
Comment 13•4 years ago
|
||
We have completed our launch of our new Firefox on Android. The development of the new versions use GitHub for issue tracking. If the bug report still reproduces in a current version of [Firefox on Android nightly](https://play.google.com/store/apps/details?id=org.mozilla.fenix) an issue can be reported at the [Fenix GitHub project](https://github.com/mozilla-mobile/fenix/). If you want to discuss your report please use [Mozilla's chat](https://wiki.mozilla.org/Matrix#Connect_to_Matrix) server https://chat.mozilla.org and join the [#fenix](https://chat.mozilla.org/#/room/#fenix:mozilla.org) channel.
Status: NEW → RESOLVED
Closed: 4 years ago
Resolution: --- → INCOMPLETE
|
|
||
Updated•4 years ago
|
Product: Firefox for Android → Firefox for Android Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•