ecurity Vulnerability: Password Prompt Ignored on Cancel Click
Dear FireFox, I am writing this E-mail to address a critical issue. So i wanted to set up a password for my firefox browser so that only I can access it. i set a primary password, and it asks me to enter the password when i open my browser. However, when the message appears asking me to enter the password, you can just click "cancel" option or press 'x' it ignores the password and lets me in the browser, essentially rendering the purpose of the password useless. thus anyone can access my browser. i request you to fix this problem. Regards -SpideyKnight
All Replies (2)
This is only for passwords, you can skip the monit and use the browser without entering anything.
Please read Use a Primary Password to protect stored logins and passwords.
The PP is used only to encrypt the key that is stored in key4.db as without the PP having access to logins.json and key4.db is sufficient to access the logins. Canceling the PP merely prevents access to the logins saved in the Password Manager, it doesn't affect using Firefox like posted above. You need to protect your Windows account with a password and use a Windows guest account for others that may use your device.