how do I clear all my saved passwords or make the master password work?
I have been using saved passwords and I am now trying to get the master password to prompt me before it logs into any site. It's not working so I would like to just clear all my saved passwords if that's my only option.
الحل المُختار
This could get to be a long story, but...
Most sites will keep you logged in using a cookie. These cookies can be persistent and be valid for months, or they expire at the end of your session, or they can be for a specific short time. Each site is going to be somewhat different, depending on their balance of convenience and security.
Manually logging out of a site will either clear the cookie, or invalidate the session on the server so that the cookie no longer links up to a live session, or both.
When you have a cookie that the server still accepts, the site usually doesn't display the login page, so your stored password is never used.
If you want cookies only to be valid for the current session of Firefox, you can change your general setting in the Options/Preferences dialog.
"3-bar" menu button > Options / Preferences > Privacy panel
If the selector says "Firefox will: Remember history" change it to "Use custom settings for history". Then under "Accept cookies" change the "Keep until" setting to "I close Firefox".
That won't affect currently saved cookies, but in the future, when a site sets a cookie, unless you create a site-specific exception, it will be flushed when you exit Firefox.
There is an exception to the general rule: Firefox stores crash recovery data for your open windows and tabs, and will keep the session cookies in that file in case you restore your previous session. (For secure (HTTPS) sites, the cookies are only used in an automatic restoration, not a manual restoration from the History menu.)
Anyway, it's best to log out of sensitive sites manually to be really sure that no one can get back into those sites.
Read this answer in context 👍 0All Replies (7)
You generally only need to enter the master password once per session, not for every single login. This article describes the feature in more detail: Use a Primary Password to protect stored logins and passwords.
Over the years there have been a few extensions that modify this feature so that the master password needs to be re-entered after a period of time. Here's one that has a "Featured" badge on the add-ons site, but I haven't tried it myself: https://addons.mozilla.org/firefox/addon/master-password/
This is not my current issue. My issue is that it NEVER prompts me to enter the master password. Therefore I have no security even if FireFox has been closed.
When you check the Preferences dialog, is the master password still set or is it getting cleared somehow?
yes it is set. and now another issue it won't let me turn it off. When I deselect it in preferences it prompts me for the password but the "remove" button is never highlighted or active even after I enter the current password
it seems that if I sign out of all the websites before I close the browser then it does not log me back in. Is this the expected behavior? I have deleted all my saved logins and turned off remember passwords for sites and turned off the master password. If I simply close the browser while logged into a given site when I restart the browser should it automatically log me in?
الحل المُختار
This could get to be a long story, but...
Most sites will keep you logged in using a cookie. These cookies can be persistent and be valid for months, or they expire at the end of your session, or they can be for a specific short time. Each site is going to be somewhat different, depending on their balance of convenience and security.
Manually logging out of a site will either clear the cookie, or invalidate the session on the server so that the cookie no longer links up to a live session, or both.
When you have a cookie that the server still accepts, the site usually doesn't display the login page, so your stored password is never used.
If you want cookies only to be valid for the current session of Firefox, you can change your general setting in the Options/Preferences dialog.
"3-bar" menu button > Options / Preferences > Privacy panel
If the selector says "Firefox will: Remember history" change it to "Use custom settings for history". Then under "Accept cookies" change the "Keep until" setting to "I close Firefox".
That won't affect currently saved cookies, but in the future, when a site sets a cookie, unless you create a site-specific exception, it will be flushed when you exit Firefox.
There is an exception to the general rule: Firefox stores crash recovery data for your open windows and tabs, and will keep the session cookies in that file in case you restore your previous session. (For secure (HTTPS) sites, the cookies are only used in an automatic restoration, not a manual restoration from the History menu.)
Anyway, it's best to log out of sensitive sites manually to be really sure that no one can get back into those sites.
Thank you very much. I should have thought about the cookie issue. You have been a great help.