Closed
Bug 157819
Opened 22 years ago
Closed 22 years ago
passwords could be stolen by stealing whole profile
Categories
(Core Graveyard :: Profile: Migration, enhancement)
Tracking
(Not tracked)
VERIFIED
INVALID
People
(Reporter: bugzilla, Assigned: racham)
Details
From Bugzilla Helper: User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.1a) Gecko/20020611 BuildID: 2002061104 I copied my profile to another computer and was able to access all my stored passwords without any confirmation that I am the legal user. Reproducible: Always Steps to Reproduce: 1. migrate your profile 2. call up pages on which you used the password-manager Actual Results: The password-manager filled out the forms. I was not asked wether I am the legal user of this profile or not. Expected Results: Mozilla should ensure that I am the legal user of this profile. It should not be possible to go to someone's computer and steal all his private data by copying his profile and migrating it to another computer. This might be done by a general password for a profile or by locking a profile to certain computer-hardware or software-installation.
Comment 1•22 years ago
|
||
This is done by setting a Master Password. Reporter: if this fixes your problem, please resolve this bug as WFM.
Comment 2•22 years ago
|
||
You must encrypt your passwords. (edit\preferences\Privacy&Security\Passwords) -> invalid
Status: UNCONFIRMED → RESOLVED
Closed: 22 years ago
Resolution: --- → INVALID
Updated•8 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•