Closed Bug 1777530 Opened 3 years ago Closed 3 years ago

Firefox Auto-generated password

Categories

(Toolkit :: Password Manager, defect)

Product:
Toolkit
Component:
Password Manager
Version:
Firefox 101
Type:
defect

Tracking

()

Status:
RESOLVED DUPLICATE of bug 1559986

People

(Reporter: withdattavelivela, Unassigned)

Details

Attachments

(1 file)

Defect in Firefox’s autogenerated password Mozilla Firefox case study.pdf
456.50 KB, application/pdf
Details

User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:101.0) Gecko/20100101 Firefox/101.0
Firefox for Android

Steps to reproduce:

  1. I navigated to the Maze Community page to sign up and I clicked on the sign-up button.
    https://login.circle.so/sign_up#email

  2. It redirected to the login page of the website.

  3. I clicked on the CTA button asking to “Sign up with an email” and It redirected to the “Sign up” page. I entered my Full Name, Email, and used an auto-generated password by “FIREFOX”.

4)As a user, I tend to avoid creating my own passwords because it is difficult to remember and I would like to have a strong password. So I use an auto-generated password by “FIREFOX”.

  1. So I clicked on the CTA button asking to “Sign up”.

Actual results:

  1. Error is displayed! I entered all the fields and I used an auto-generated password, so I clicked on “sign up” again. It’s not working, It shows the same error, Then I found this password input field saying “I missed 1 symbol”, but I was using an auto-generated password by “FIREFOX”.

  2. As browsers are the ones that provide an auto-generated password. I wanted to check whether it happens with other websites’ registration pages.

  3. So I navigated to “Upwork”, and “Instagram” to “Sign up”. I used an auto-generated password by “FIREFOX”.

  4. I found "FIREFOX” doesn’t include symbols in auto-generated passwords. It includes only uppercase letters, lowercase letters, and numbers.

5)Studies say that “PASSWORDS” with a combination of uppercase letters, lower case letters, and numbers don’t do much to make them stronger. Including symbols is much more effective when creating passwords.

  1. Firefox browser doesn't include symbols in the autogenerated password that are crucial for many registrations/Sign up pages.

  2. The Maze sign-up page requires a strong password and has a combination of lowercase letters, Uppercase letters, Numbers, and Symbols as a prerequisite to sign-up. But Firefox's auto-generated password failed to match the prerequisites of the Maze website and other websites that have the same condition.

  3. Looking at a broader scenario, the above flaw will impact other websites’ seamless experience for sign-up pages and loses conversion rate and engagement ratio.

Expected results:

  1. Generates passwords with a combination of lowercase, Uppercase, Numbers, and symbols.

2)This helps the websites to provide a seamless signup experience to the users and protect themselves on the internet.

The Bugbug bot thinks this bug should belong to the 'Toolkit::Password Manager' component, and is moving the bug to that component. Please correct in case you think the bot is wrong.

Component: Untriaged → Password Manager
Product: Firefox → Toolkit

(In reply to Release mgmt bot [:suhaib / :marco/ :calixte] from comment #1)

The Bugbug bot thinks this bug should belong to the 'Toolkit::Password Manager' component, and is moving the bug to that component. Please correct in case you think the bot is wrong.

The above-reported bug does not belong to the "password manager"

OS: Unspecified → All
Hardware: Unspecified → All

:Datta Velivela thanks for filing this report! Indeed we should add special characters support to Password Generator. We track this in Bug 1559986.

Status: UNCONFIRMED → RESOLVED
Closed: 3 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: