Is it at all possible for a program off the computer to get password information from the password manager?
With all of the discussion about needing an "external" password manager (outside the browser), and recent demonstration about how much information can be gotten about web browsing, IP addresses, physical location (at least down to the city), etc., I am concerned as to whether it IS safer to use a 3rd party password manager instead of the one in Firefox.\
ed
Alla svar (2)
If you use a Master Password that is sufficiently strong then you should be safe.
- https://support.mozilla.org/kb/create-secure-passwords-keep-your-identity-safe
- http://en.wikipedia.org/wiki/Password_strength
- https://www.microsoft.com/security/pc-security/password-checker.aspx
If you do not use a master password then having access to key3.db and signons.sqlite is sufficient to have access to the encrypted names and passwords by placing the two files in a Firefox profile folder.
Others will be more knowledgeable but I would think it makes little difference choosing between Firefox and secure password manager. I am of course presuming you do use a master password, and do not l login use that master password then let others use your computer.
There are other methods of getting password information.
- Keylogers and man in the middle attacks for instance,
- and how secure is your actual password
- or just your computer in general.
- and other methods of gathering information without the password.