Closed Bug 1604185 Opened 4 years ago Closed 4 years ago

Do not reveal/allow to copy passwords without requiring OS authentication

Categories

(Firefox :: about:logins, defect)

Product:
Firefox
Component:
about:logins
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 1194529

People

(Reporter: amejia, Unassigned)

References

(
URL
)

Details

If you leave your machine unlocked or untenanted anyone can access your saved credentials on Firefox.

Steps to reproduce

Steps to reproduce it:

  1. Go to about:logins
  2. Select a website.
  3. Click the "Copy" button

Expected behavior

FireFox must required an OS Authentication level before let you copy any password (Please for devices with fingerprinting readers use it instead of entering password)

Actual behavior

FireFox allows copying any password without any extra layer of security.

Device information

Firefox nightly 73.0a1 (2019-12-10) (64-b)
MacOS Catalina 10.15.1 (19B88)

You should enable a Master Password if you are concerned about this scenario: https://support.mozilla.org/kb/use-master-password-protect-stored-logins

Status: NEW → RESOLVED
Closed: 4 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.