This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Why can the master password be bypassed ?

  • 1 reply
  • 1 has this problem
  • 1 view
  • Last reply by cor-el

more options

Hi,

I'm using a Firefox-Profile from two Installations and it seems to work fine: 1) Firefox on Windows 10 2) Firefox ESR on Debian (For some reason "normal" Firefox is not available on Debian)

Today I entered a Master-Password for that Profile via the Debian. Now I have to enter the Master-Password when I want to display/edit the passwords. But if I access the profile via Windows, I don't need to enter a master password (also the master password checkbox is not checked) and I can see all the passwords.

Does the master password just affect new passwords and the old ones were ignored ? Or is that because I'm using different versions of firefox?


br Gerhard

Hi, I'm using a Firefox-Profile from two Installations and it seems to work fine: 1) Firefox on Windows 10 2) Firefox ESR on Debian (For some reason "normal" Firefox is not available on Debian) Today I entered a Master-Password for that Profile via the Debian. Now I have to enter the Master-Password when I want to display/edit the passwords. But if I access the profile via Windows, I don't need to enter a master password (also the master password checkbox is not checked) and I can see all the passwords. Does the master password just affect new passwords and the old ones were ignored ? Or is that because I'm using different versions of firefox? br Gerhard

All Replies (1)

more options

Are you using the same Firefox version on Debian and on Windows?

The Firefox ESR version you use on Linux might be using key3.db (DBM) for the key file that stores the encryption key. The newer version you use on Windows might be using key4.db (SQL) for the key file. You can try to remove the key4.db file in that profile folder to see if that works. Note that you can get issues if you share the same profile folder between multiple operating systems (file path formats aren't the same).