We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Firefox Security Concerns; Bookmarks, Passwords, Sync, Etc...

  • 2 replies
  • 14 have this problem
  • 4 views
  • Last reply by ChavezJ

more options

Can’t help being concerned, most likely it's out pure ignorance on my part, but here goes the question anyway.

Because Firefox is an open source software application, and worked on by a growing global community of open-source developers, some of whom are employed by the corporation itself, are Firefox features such as; Bookmarks, Passwords, Sync, etc… really private from community of open-source developers, some of whom are employed by the corporation itself?

Is it possible for an Add-on, plugins, etc… to have access to Firefox’s; Bookmarks, Passwords, Sync, etc… data?

Can’t help being concerned, most likely it's out pure ignorance on my part, but here goes the question anyway. Because Firefox is an open source software application, and worked on by a growing global community of open-source developers, some of whom are employed by the corporation itself, are Firefox features such as; Bookmarks, Passwords, Sync, etc… really private from community of open-source developers, some of whom are employed by the corporation itself? Is it possible for an Add-on, plugins, etc… to have access to Firefox’s; Bookmarks, Passwords, Sync, etc… data?

All Replies (2)

more options

Anyone can have access to bookmarks. Those are not protected and stored in an SQLite database file that can be accessed via an appropriate program or by simply copying the file places.sqlite to another profile folder.

You can protect the names and passwords that are stored in the Firefox Password Manager with a master password ()stored in key3.db) that will encrypt the names and passwords in the file signons.sqlite that stores them. Without that MP no access to the passwords is possible. Once you have entered the MP during a session it is however possible to get access to the names and passwords. Sync data is encrypted via the Sync key that is stored in the password manager and the name and password of the sync account is stored as well.


more options

Thanks, most enlightening.