Firefox stores passwords not secure enough on

Mozilla’s master password feature in Firefox has been for many years not safe enough. It uses an outdated encryptietechniek that easy to crack. That also applies to Mozilla’s mail client Thunderbird.

The master password set SH1 encryption to stored browser passwords, extra to to encrypt. But attackers can easily work around with the tools on the basis of fast calculations in no time, the underlying passwords opduikelen. Therefore, there is nowadays a more complex method for hands: SHA-2.

Nine years

In Firefox however, it still uses SHA-1, discovered Adblock Plus developer Wladimir Palant. That is already nine years but in all that time, nothing is done. Mozilla says on the height, and in the future with a solution in the form of a new password manager for Firefox, Lockbox.

Want to be on the safe side, choose a different password manager than the default master password of Firefox. Reliable examples include 1Password and LastPass.

Off-topic responses will be removed. Linking to illegal sources is not allowed. Comments about any spelling mistakes, other comments and questions regarding the website please send an email to the

Please enable JavaScript to view the comments powered by Disqus.
blog comments powered by Disqus