Firefox ate my saved logins :-(
Firefox ate my saved logins :-(
Much to my dismay, when I upgraded to Firefox 60.2.2.1esr a few days ago I found that it had deleted my master password and some 400+ saved logins Reading the release notes I learned that the update supposedly fixed a bug which potentially could expose saved logins which were saved before a master password was set. I believe that I had always used a master password - although my Firefox profile dates back to Netscape Navigator on Windows NT
I rolled back the upgrade and restored my Firefox profile from backup. Yesterday I tried again, upgrading to 60.2.2esr. Same issue. I did some more testing and it seems that Firefox will no longer save credentials protected with a master password.
Has anyone else observed this???
I filed a bug with the upstream vendor as it is their package (I think). https://bugzilla.redhat.com/show_bug.cgi?id=1638477 Please pile on the bug report if you are seeing this issue.
TIA,
Ken
I rolled back the upgrade and restored my Firefox profile from backup. Yesterday I tried again, upgrading to 60.2.2esr. Same issue. I did some more testing and it seems that Firefox will no longer save credentials protected with a master password.
Has anyone else observed this???
I filed a bug with the upstream vendor as it is their package (I think). https://bugzilla.redhat.com/show_bug.cgi?id=1638477 Please pile on the bug report if you are seeing this issue.
TIA,
Ken
Re: Firefox ate my saved logins :-(
There's already a bug filed for this: https://bugzilla.redhat.com/show_bug.cgi?id=1633932
Re: Firefox ate my saved logins :-(
Thanks avij,
I missed that. Let me make a note on my bug report referencing the earlier one. Glad I am not the only one to see this.
Ken
I missed that. Let me make a note on my bug report referencing the earlier one. Glad I am not the only one to see this.
Ken
Re: Firefox ate my saved logins :-(
Upon reading the OLD bug report in detail it references 60.2.1esr. The same issue appears to be present in .2esr so I guess I will leave my bug report against that newer version.
Can anyone recommend a good "external to Firefox" password manager? Non-cloud based please.
Ken
Can anyone recommend a good "external to Firefox" password manager? Non-cloud based please.
Ken
Re: Firefox ate my saved logins :-(
I use Password Safe and my dad uses KeyPass 2. I would be lost with out a password manager as I use different strong passwords for almost everything.
Re: Firefox ate my saved logins :-(
Thanks doulos,
I will look into those two. The native one in Firefox has done well for me for many years - except for an occasional site which attempts to prevent its credentials from being saved. I generated a master list of passwords several years ago. I started with a graphic file - don't remember of what - and UU encoded it as one would do to post a binary to Usenet. I then parsed out 10 columns, chosen at random, with FoxPro. I store the text file in an encrypted container file and decrypt/access it when I need a new password for something. I record where I have used the password in the master list as a backup. I still have 1000+ strong passwords available
Ken
I will look into those two. The native one in Firefox has done well for me for many years - except for an occasional site which attempts to prevent its credentials from being saved. I generated a master list of passwords several years ago. I started with a graphic file - don't remember of what - and UU encoded it as one would do to post a binary to Usenet. I then parsed out 10 columns, chosen at random, with FoxPro. I store the text file in an encrypted container file and decrypt/access it when I need a new password for something. I record where I have used the password in the master list as a backup. I still have 1000+ strong passwords available
Ken
Re: Firefox ate my saved logins :-(
You can set the environment variable while you wait for the fixed version.
https://lists.centos.org/pipermail/cent ... 70244.html
Though I'd also keep a backup of your current file as I am not sure that the fixed version will look at key4.db files in preference to the 3 version so you might be stuck with setting that environment variable forever or going back to an old file.
https://lists.centos.org/pipermail/cent ... 70244.html
Though I'd also keep a backup of your current file as I am not sure that the fixed version will look at key4.db files in preference to the 3 version so you might be stuck with setting that environment variable forever or going back to an old file.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Re: Firefox ate my saved logins :-(
Thanks TrevorH,
I am backed up six ways to Sunday. For the time being I have firefox excluded in /etc/yum.conf on the physical machine and virtual machine which I use for web browsing. When I see a new version of firefox coming available on another machine I will do some testing. Once it is fixed I will update my "production" machines.
Ken
I am backed up six ways to Sunday. For the time being I have firefox excluded in /etc/yum.conf on the physical machine and virtual machine which I use for web browsing. When I see a new version of firefox coming available on another machine I will do some testing. Once it is fixed I will update my "production" machines.
Ken
-
- Site Admin
- Posts: 254
- Joined: 2004/12/05 01:51:26
- Location: Corpus Christi, Texas, USA
- Contact:
Re: Firefox ate my saved logins :-(
Red Hat has an update in testing:
https://bugzilla.redhat.com/show_bug.cgi?id=1633932#c23
There are temporary (unsigned) files here for CentOS 6 and CentOS 7 (x86_64, i386):
https://buildlogs.centos.org/c6-firefox ... 015143830/
https://buildlogs.centos.org/c7-firefox ... 015143830/
As soon as the official update with the fix is released, I will get it built and signed.
https://bugzilla.redhat.com/show_bug.cgi?id=1633932#c23
There are temporary (unsigned) files here for CentOS 6 and CentOS 7 (x86_64, i386):
https://buildlogs.centos.org/c6-firefox ... 015143830/
https://buildlogs.centos.org/c7-firefox ... 015143830/
As soon as the official update with the fix is released, I will get it built and signed.
Re: Firefox ate my saved logins :-(
Thanks hughesjr,
60.2.2estr hit the repos a couple of days ago. I installed it on a test CentOS 7.5 machine, copied over my FF profile. Logged onto this site and closed Firefox. When I started it up again I found that my credentials had been zapped. I think I will give it a couple of days and see what 60.2.2.2 becomes. I might try building the srpm but not for "production" use.
Ken
60.2.2estr hit the repos a couple of days ago. I installed it on a test CentOS 7.5 machine, copied over my FF profile. Logged onto this site and closed Firefox. When I started it up again I found that my credentials had been zapped. I think I will give it a couple of days and see what 60.2.2.2 becomes. I might try building the srpm but not for "production" use.
Ken