I got to thinking about password storage in Firefox recently, and wanted to figure out if they are easy to recover. A quick search led me to to Password Fox. I tried it out, and recovered the password pretty quickly (under a minute, maybe under 10 seconds).
I started with a decent string generator, and got this for a password:
Next, i made up an account and stored the password. Finally, using Password Fox I recovered the password, as seen here:
The passwords are stored in a javascript object notation (json) file. I added a few line breaks for easy reading, but it is this:
I went back in and set a master password, and the same trick did not work. So, I recommend using this 'master password' if you're going to let Firefox store your passwords (but don't forget it).
This is all covered fairly well on Mozilla's support forum.
No comments:
Post a Comment