protect auto-fill data using a password
Categories
(Toolkit :: Form Autofill, enhancement, P3)
Tracking
()
People
(Reporter: u20230201, Unassigned, NeedInfo)
Details
User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Firefox/102.0
Steps to reproduce:
After restarting Firefox (updated to 102.6.0) I filled in a form, and auto-fill data was suggested.
Actual results:
Auto-fill data was suggested, even though I hadn't entered the master password that protects passwords. My expectation was that any personal data were protected with the master password.
Expected results:
As such auto-fill data can be sensitive, too, I'd like to see the possibility to protect such data with a password, too.
Comment 1•2 years ago
|
||
The Bugbug bot thinks this bug should belong to the 'Toolkit::Password Manager' component, and is moving the bug to that component. Please correct in case you think the bot is wrong.
Comment 2•2 years ago
|
||
This is unlikely to make it as most users would be annoyed if this feature was introduced, so this suggestion is invalid
Reporter | ||
Comment 3•2 years ago
|
||
I wonder about three things:
- Is the annoyance to enter the master password once after starting Firefox?
- Will users being annoyed use a master password to protect their private data at all?
- Don't user's care about their private data? (I'll consider address and phone number as "private data", for example)
Comment 4•2 years ago
|
||
(In reply to Ulrich Windl from comment #3)
I wonder about three things:
- Is the annoyance to enter the master password once after starting Firefox?
- Will users being annoyed use a master password to protect their private data at all?
- Don't user's care about their private data? (I'll consider address and phone number as "private data", for example)
I suppose it might make it if it was introduced as an optional feature that people could turn on manually, However this would be a very expensive and difficult feature to make
Updated•2 years ago
|
Comment 5•2 years ago
|
||
Primary Password is an opt-in feature, so only users who wants it will be using it.
Can you provide a screenshot (with fake or blurred username please) of when this didn't work as you expected? Did it have yellow background (autofilled by browser) or it was prefilled by web site itself? Was it username/password or credit card or address or general form history?
Reporter | ||
Comment 6•2 years ago
|
||
AFAIR it was general form history. Also some pages seem to be deliberately designed in a way that the password manager does not work, so any "general" form field could be confidential.
Updated•2 years ago
|
Description
•