This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

ecurity Vulnerability: Password Prompt Ignored on Cancel Click

  • 2 balasan
  • 1 ada masalah ini
  • 1 paparan
  • Balasan terakhir oleh cor-el

more options

Dear FireFox, I am writing this E-mail to address a critical issue. So i wanted to set up a password for my firefox browser so that only I can access it. i set a primary password, and it asks me to enter the password when i open my browser. However, when the message appears asking me to enter the password, you can just click "cancel" option or press 'x' it ignores the password and lets me in the browser, essentially rendering the purpose of the password useless. thus anyone can access my browser. i request you to fix this problem. Regards -SpideyKnight

Dear FireFox, I am writing this E-mail to address a critical issue. So i wanted to set up a password for my firefox browser so that only I can access it. i set a primary password, and it asks me to enter the password when i open my browser. However, when the message appears asking me to enter the password, you can just click "cancel" option or press 'x' it ignores the password and lets me in the browser, essentially rendering the purpose of the password useless. thus anyone can access my browser. i request you to fix this problem. Regards -SpideyKnight

All Replies (2)

more options

This is only for passwords, you can skip the monit and use the browser without entering anything.

Please read Use a Primary Password to protect stored logins and passwords.

Helpful?

more options

The PP is used only to encrypt the key that is stored in key4.db as without the PP having access to logins.json and key4.db is sufficient to access the logins. Canceling the PP merely prevents access to the logins saved in the Password Manager, it doesn't affect using Firefox like posted above. You need to protect your Windows account with a password and use a Windows guest account for others that may use your device.

Helpful?

Tanya soalan

You must log in to your account to reply to posts. Please start a new question, if you do not have an account yet.