Thank you for the report. I believe this is a regression from the formless capture
(In reply to Christian Stadelmann from comment #0)
When asked, confirm saving login data (you sometimes get asked twice. If you get, confirm twice.)
I believe the double-prompt is the problem… the first prompt would have the correct password but it gets replaced by the 2nd one. I think we would need to address this with a UI like Chrome has recently added with a dropdown for the password: https://cl.ly/b687986d0924
At 3., it saves an incorrect password. If you open the password manager (chrome://passwordmgr/content/passwordManager.xul) and show the password for this site, it shows something very long beginning with "rsa:BzP/" and it has 349 chars.
The site is using a library to do client-side encryption (see
That library should submit the required value with an
<input type=hidden> or through JS, not modify the field's value.
Can you confirm that setting the about:config preference
false fixes the issue?
Status: UNCONFIRMED → NEW
Ever confirmed: true
Priority: -- → P2
Summary: Firefox updates and destroys password, gives error message "Message too long for RSA" → Firefox prompts twice to save a password: once with the password and once with the munged client-side hash/encrypted value