cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
RomNexus6
New member
Status: New idea

Hello, of course i have my password vault locked with primary password.

Unfortunately, remembered logins on websites like Google and Facebook are secured by cookie login. Which not require my primary password. This is convenient for daily use because I don't need to enter their passwords anytime I open the browser. But when someone uses my computer unsolicited, this person gets instant access to my GMail/Facebook.

This could happens at work, because office PC credentials are in charge at IT administrator, which could use my PC in case of support/installation/updates/etc. In these cases he can open Firefox and use my Google/Facebook account without entering any password.

So I suggest to add a Firefox option in order to allow user to protect also cookies login data under Firefox primary password (which is only known by me). In this case, without knowing the primary password, nobody but me will be able to use my personal accounts.

6 Comments
Status changed to: New idea
Jon
Community Manager
Community Manager

Thanks for submitting an idea to the Mozilla Connect community! Your idea is now open to votes (aka kudos) and comments.

Mte90
Making moves

Makes more sense to ask in Firefox a password to use it.

jjfoerch
New member

I have encountered a similar situation. We use shared computers at work, and although we setup individual profiles, anyone is able to launch Firefox with someone else's profile and access their email and other services which are logged in via cookies. I trust my coworkers, but I would love to have a security option that could prevent accidental usage.

wlaziu
New member

Any chance to encrypt cookies and to protect from cookie hijack attacks thru master password?

taarsque
New member

I support the idea too. Very useful in cases, where freedom of speech is under pressure.

jjfoerch
New member

What I ended up doing was putting my profile into a VeraCrypt encrypted volume. This works well for my case and puts everything in the profile behind a password, not just passwords and cookies.