This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

firefox sync security enquiry

  • 2 replies
  • 1 has this problem
  • 4 views
  • Last reply by Checkmate

more options

Good day.

I would like to know what security precautions Firefox uses on its sync capability.

I need utmost security to make sure my login and history data is not compromised as I have sensitive company and client login details that I sync.

Does firefox use good encryption standards such as SHA256/SHA512 etc?

Thank you

Good day. I would like to know what security precautions Firefox uses on its sync capability. I need utmost security to make sure my login and history data is not compromised as I have sensitive company and client login details that I sync. Does firefox use good encryption standards such as SHA256/SHA512 etc? Thank you

Chosen solution

hi Checkmate, the whole security architecture of the service is documented at https://github.com/mozilla/fxa-auth-server/wiki/onepw-protocol if you're interested in the technical details.

i'd say it's designed with security as the most important factor in all aspects - to the detriment of usability (we regularly get support requests from people who have forgotten their account passwords or access to their 2nd factor device without any saved recovery codes, but there's no possible way to have their data restored)...

Read this answer in context 👍 1

All Replies (2)

more options

Chosen Solution

hi Checkmate, the whole security architecture of the service is documented at https://github.com/mozilla/fxa-auth-server/wiki/onepw-protocol if you're interested in the technical details.

i'd say it's designed with security as the most important factor in all aspects - to the detriment of usability (we regularly get support requests from people who have forgotten their account passwords or access to their 2nd factor device without any saved recovery codes, but there's no possible way to have their data restored)...

more options

Thanks a lot. Highly appreciated. As an aspiring cybersecurity professional I am very interested about what security precautions services use that I use on a daily basis.