Add breach indicators to saved logins
Categories
(Toolkit :: Password Manager, enhancement)
Tracking
()
| Tracking | Status | |
|---|---|---|
| firefox70 | --- | fixed |
People
(Reporter: groovecoder, Assigned: groovecoder)
References
(Blocks 1 open bug)
Details
Attachments
(1 file, 2 obsolete files)
PRD: https://docs.google.com/document/d/1Vp3UbyuXCawJd-X34IuTo5TiqAbujws44XyQM4N4Z9s/edit
Locally saved browser logins should provide an indication of compromise if the login domain saved matches breaches.
Should not show an indication on any saved logins where the date last modified is newer than the breach date.
Notes:
Breach data is available via RemoteSettings "fxmonitor-breaches" key.
|
Assignee | |
Comment 1•5 years ago
|
||
|
|
Assignee | |
Updated•5 years ago
|
|
||
Updated•5 years ago
|
|
|
Assignee | |
Comment 2•5 years ago
|
||
Still need to filter indicator by:
- Saved login date is older than breach date
- Breach included passwords
|
|
||
Updated•5 years ago
|
|
|
Assignee | |
Comment 3•5 years ago
|
||
Depends on D35105
|
|
||
Updated•5 years ago
|
|
|
||
Updated•5 years ago
|
|
|
||
Updated•5 years ago
|
Pushed by jwein@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/b4f0e8b4b6fa UI indication of breached logins r=jaws
|
||
Comment 5•5 years ago
|
||
Backed out changeset b4f0e8b4b6fa for causing browser-chrome failures in AboutLoginsParent.jsm
Backout link: https://hg.mozilla.org/integration/autoland/rev/91d8f385c5e5ec15c5cdb1d6c24b582fe1862acc
Failure log: https://treeherder.mozilla.org/logviewer.html#/jobs?job_id=255028267&repo=autoland&lineNumber=2523
[task 2019-07-05T23:36:42.061Z] 23:36:42 INFO - TEST-UNEXPECTED-FAIL | browser/components/contextualidentity/test/browser/browser_aboutURLs.js | A promise chain failed to handle a rejection: [Exception... "Component not initialized" nsresult: "0xc1f30001 (NS_ERROR_NOT_INITIALIZED)" location: "JS frame :: resource:///modules/AboutLoginsParent.jsm :: receiveMessage :: line 186" data: no] - stack: receiveMessage@resource:///modules/AboutLoginsParent.jsm:186:24
|
||
Updated•5 years ago
|
|
|
Assignee | |
Comment 6•5 years ago
|
||
I filed https://bugzilla.mozilla.org/show_bug.cgi?id=1564132 so I can push to try to fix these.
|
|
Assignee | |
Comment 7•5 years ago
|
||
I pushed my changeset to try and the tests seem to pass:
Or else they are intermittent:
:malexandru - Does that mean I can land these? It's been a while since I've landed code into central.
|
|
Assignee | |
Updated•5 years ago
|
|
|
||
Updated•5 years ago
|
|
|
||
Comment 8•5 years ago
|
||
Hello Luke,
for landing patches you just need to update the phabricator revision with your new changes, wait for review and click "View Stack in Lando" and then "Preview Landing" and land. You can also just put the keyword "checkin-needed" in the bug and the sheriffs will land it.
Landing code into central directly is rarely done, most of the time code is landed into the integration trees (autoland||inbound) and later merged into central (landing code with Lando/Phabricator puts the code into autoland).
Pushed by mozilla@noorenberghe.ca: https://hg.mozilla.org/integration/autoland/rev/6484c07ff836 UI indication of breached logins r=jaws,MattN
|
|
Assignee | |
Comment 10•5 years ago
|
||
FWIW, when I click "Preview Landing" I get: " You have insufficient permissions to land. Level 3 Commit Access is required. "
|
||
Comment 11•5 years ago
|
||
| bugherder | ||
|
|
Assignee | |
Updated•5 years ago
|
|
||
Comment 12•5 years ago
|
||
|
|
||
Updated•5 years ago
|
|
|
||
Comment 13•5 years ago
|
||
Comment on attachment 9079168 [details]
Bug 1564539 Add breach alerts to login items - WIP r?jaws
Revision D38571 was moved to bug 1564539. Setting attachment 9079168 [details] to obsolete.
|
|
||
Updated•5 years ago
|
Description
•