Closed Bug 1332559 Opened 3 years ago Closed 3 years ago

Synced passwords have "last used" set to now

Categories

(Firefox :: Sync, defect, P3)

defect

Tracking

()

RESOLVED DUPLICATE of bug 555755

People

(Reporter: markh, Unassigned)

References

(Blocks 1 open bug)

Details

(Whiteboard: [data-integrity])

STR:
* On one profile, check your saved logins and note the "last used" field is (basically) accurate.
* Connect a second clean profile to sync and let sync complete.

Expected:
* The "Last Used" date for all the new passwords that were created in the new profile is the same as they were on the original profile.

Actual:
* "Last Used" is set to now.

Note that "Last Changed" does appear to be correct - it's just "last used" that's incorrect. Best I can tell Sync doesn't even store this field - we have "timeCreated" and "timePasswordChanged", but nothing that seems to correspond to "last used". If we did choose to Sync this, I expect it means we'd also need to ensure we re-sync the password record each time "last used" is bumped locally.

The login manager does seem to use "last changed" in some cases for de-duping - it's not immediately clear what would actually go wrong though.
(In reply to Mark Hammond [:markh] from comment #0)
> If we did choose to Sync this, I expect it means
> we'd also need to ensure we re-sync the password record each time "last
> used" is bumped locally.

IIRC there was a concern in bug 1134881 about increasing sync traffic if there is a sync for every timesUsed/lastUsed change and that it would make integrity issues worse. I would recommend reading that bug for potential issues.

> The login manager does seem to use "last changed" in some cases for
> de-duping - it's not immediately clear what would actually go wrong though.

Which scenario are you asking about? Having an incorrect last use date (and use count)?
See Also: → 1134881
See Also: → 555755
Priority: -- → P3
Blocks: 1337275
Status: NEW → RESOLVED
Closed: 3 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 555755
You need to log in before you can comment on or make changes to this bug.