Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

When is Primary Password going to protect stored cookies? (authentication cookies in particular)

  • 1 reply
  • 1 has this problem
  • 9 views
  • Last reply by Dropa

more options

There is a wave of malware targeting authentication cookies stored on disk (e.g. recent LTT hack). It has become obvious that malware doesn't need to target stored passwords to get access to a site/account. Primary Password has solved this problem, but only for the stored passwords. The stored cookies are just as exposed as the stored passwords were, provide access to sites/accounts and bypass 2FA checks because they bypass normal login protocols.

Primary password should secure the stored cookies as well. When is this going to be implemented?

Thanks!

There is a wave of malware targeting authentication cookies stored on disk (e.g. recent LTT hack). It has become obvious that malware doesn't need to target stored passwords to get access to a site/account. Primary Password has solved this problem, but only for the stored passwords. The stored cookies are just as exposed as the stored passwords were, provide access to sites/accounts and bypass 2FA checks because they bypass normal login protocols. Primary password should secure the stored cookies as well. When is this going to be implemented? Thanks!

All Replies (1)

more options

That goes beyond what Primary password is only for Firefox account. One should check their cookie protection settings to change protection. Also one needs to insure their Security software is up to date and that it is working.