Open Bug 1945417 Opened 13 days ago Updated 13 days ago

[contextual-password-manager] "Change Password" button in the Vulnerable Alert does not redirect directly

Categories

(Toolkit :: Password Manager, task)

Firefox 136
Desktop
All
task

Tracking

()

Tracking Status
firefox136 --- disabled

People

(Reporter: epopescu, Unassigned)

References

(Blocks 1 open bug)

Details

(Whiteboard: [fxcm-cpm-milestones-3-4])

Found in

  • Nightly 136.0a1

Affected versions

  • Nightly 136.0a1

Tested platforms

  • Affected platforms: Windows 11, macOS 13 ARM, Ubuntu 22.04
  • Unaffected platforms: none

Preconditions:

  • Set pref browser.contextual-password-manager.enabled to true in about:config
  • Enable Sidebar
  • Have several saved password records with active Breach and Vulnerable Alerts

Steps to reproduce

  1. Select a Vulnerable Alert entry from the Password list and click to Review alert button
  2. Click the "Change Password" button

Expected result

  • Clicking the "Change Password" button should redirect users to the website to update their login details.

Actual result

  • The "Change Password" button does not redirect to the reached website, but instead redirects users to manually update credentials in Passwords, which may cause autofill issues and leave accounts exposed.

Regression range

  • N/A

Additional notes

  • In Google Chrome there is a dedicated "Checkup" menu to display categories like Compromised, Reused, and Weak Passwords with a button to change compromised passwords directly on the respective website.
  • Please see the screen recording.
Blocks: 1942365
Has STR: --- → yes
OS: Unspecified → All
Hardware: Unspecified → Desktop
Whiteboard: [contextual-password-manager]
Version: unspecified → Firefox 136
Whiteboard: [contextual-password-manager] → [fxcm-cpm-milestones-3-4]
You need to log in before you can comment on or make changes to this bug.