This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Can I really trust firefox password manager? There are so many free hacking tools for firefox?

more options

So I want to use Firefox password manager because I don't want to pay for paid password managers and because I'm broke. Norton identity safe is not very responsive and I can't use that with firefox anymore.

I got to know about firefox password manager and I used a master password. But I found out there are so many free hacking tools available to crack firefox password vault.

https://www.raymond.cc/blog/how-to-find-hidden-passwords-in-firefox/

I used a long master password and tried to hack my own vault using one of the free software I found online, and somehow it didn't work. But I see some blog posts saying that it's possible to crack the vault even if it is protected by master password with some sophisticated software. I don't know if this is true or not. Didn't try this out yet. 

http://realinfosec.com/?p=132

Why doesn't firefox use AES 256 encryption which is the fastest and safest encryption technology like other password managers like Norton identity safe and lastpass and dashlane? Why does it use 3EDS protection which is quite old, slow and not as safe?

I don't have time to test if firefox vault is really crackable with free hacking tools. How can I know my passwords are safe? I use norton identity safe for now, but copying and pasting from norton vault is a pain.

Thanks for your opinion.

So I want to use Firefox password manager because I don't want to pay for paid password managers and because I'm broke. Norton identity safe is not very responsive and I can't use that with firefox anymore. I got to know about firefox password manager and I used a master password. But I found out there are so many free hacking tools available to crack firefox password vault. https://www.raymond.cc/blog/how-to-find-hidden-passwords-in-firefox/ I used a long master password and tried to hack my own vault using one of the free software I found online, and somehow it didn't work. But I see some blog posts saying that it's possible to crack the vault even if it is protected by master password with some sophisticated software. I don't know if this is true or not. Didn't try this out yet. http://realinfosec.com/?p=132 Why doesn't firefox use AES 256 encryption which is the fastest and safest encryption technology like other password managers like Norton identity safe and lastpass and dashlane? Why does it use 3EDS protection which is quite old, slow and not as safe? I don't have time to test if firefox vault is really crackable with free hacking tools. How can I know my passwords are safe? I use norton identity safe for now, but copying and pasting from norton vault is a pain. Thanks for your opinion.

All Replies (1)

more options

Regarding this page - https://www.raymond.cc/blog/how-to-find-hidden-passwords-in-firefox/ - 3 year old article. The Firefox Password manager has been changed at least twice in that time.

Older yet - http://realinfosec.com/?p=132 - 2009.08.20

Overall, you're trying to do an "apples vs. oranges" comparison. IOW, built-in Firefox vs. 3rd party add-ons which have an online component. Doing that, IMO it's only fair to include the security of Sync for the comparison as the "online component" for Firefox Passwords.