Now I have learnt – never trust your passwords to Mozilla. I used to love the Password Manager feature of Mozilla, and I used it in my daily browsing. It basically keeps all your password centrally on one file, and then automatically fill out the username/password fields in the form, if they have been filled out previously. It is really a time saving feature because I do not need to remember all my password anymore. All I need is a master passphrase that unlocks the encrypted password file, and in the rest of my Mozilla session it will deal and offer to remember all the passwords so I do not need to type them in again. Moreover, I can now use different random password for all the sites I’ve visited and I do not need to worry that I cannot remember them the next day – as long as the password manager is trustworthy.
The trouble comes when you need to migrate the password files to another profile. For example, migrating it to another computer. Or in my case today, I totally trashed my previous profile (the Mozilla Mail refused to start anymore so I have to brute kill it) and I want to start fresh with a new profile. I copied the encrypted password files in, changed the preference Javascript file, but I still cannot use the passwords I have stored previously. I’ve searched the Internet but I have come down to no solution. Sign. I really have to start from fresh again….
You wrote “never trust your passwords to Mozilla” – why? I expect Mozilla to not expose the passwords to anyone but me, and this works. If you’re relying on the Password Manager not only being a secure storage (confidentiality) but also a safe storage (availability), you may be expecting more from it than it was meant to be.
With this “never trust”, the concern is not about security and Mozilla’s encryption on stored password, but rather on the difficulty to migrate password to another computer, or back up/restore, etc. I might have stored and trusted all my passwords there, but then when I need to trash my profile (which is needed regularly in the early stage of Mozilla development), I found there is no easy way to import export stored password.
Try the link below for importing passwords.
Adam,
That is certainly useful. Thank you very much.
What “link below” was with item 3. I sure could use it…
remove the no spam to reply…