为提升您的使用体验,本站正在维护,部分功能暂时无法使用。如果本站文章无法解决您的问题,您想要向社区提问的话,请到 Twitter 上的 @FirefoxSupport 或 Reddit 上的 /r/firefox 提问,我们的支持社区将会很快回复您的疑问。

搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

详细了解

Does modzilla save passwords/bookmarks etc on their servers ?

  • 7 个回答
  • 3 人有此问题
  • 13 次查看
  • 最后回复者为 capcomnz

more options

After the Opera "breach" http://www.opera.com/blogs/security/2016/08/opera-server-breach-incident/

Does Modzilla save bookmarks and/or passwords on its servers when sync is activated ? Are these secure? Can these be viewed (apart from viewing under Options->Security->Saved Logins) I know Chrome has a option of opening up Google Dashboard where it will advise of all saved data on its servers, under Google Sync. Is there a similar option for Firefox ??

I have deleted my old account and created a new on but only syn'd the bookmarks due to this Opera incident.

After the Opera "breach" http://www.opera.com/blogs/security/2016/08/opera-server-breach-incident/ Does Modzilla save bookmarks and/or passwords on its servers when sync is activated ? Are these secure? Can these be viewed (apart from viewing under Options->Security->Saved Logins) I know Chrome has a option of opening up Google Dashboard where it will advise of all saved data on its servers, under Google Sync. Is there a similar option for Firefox ?? I have deleted my old account and created a new on but only syn'd the bookmarks due to this Opera incident.

所有回复 (7)

more options

hi capcomnz, if you are using firefox sync, your data will be encrypted locally on your device with a key derived from your firefox account password before it is sent to mozilla's servers - your account password is the only way to decrypt that data. if you want to learn more about the technical details about the sync protocol you can refer to its documentation at https://github.com/mozilla/fxa-auth-server/wiki/onepw-protocol (in particular the section about "security analysis").

more options

Thanks for the reply Philipp but the technical stuff was way over my head. You said "that the data is encrypted locally on device .....before it is sent to Mozillas servers." So in theory the same thing that happened at Opera could happen here. The account passwords were possibly compromised, which lead to 3rd party site passwords being possibly compromised as well, through their sync system. Does that mean that when I deleted my old account all information was deleted and now I have setup a new account and only syncing bookmarks no 3rd party site passwords should be on Mozillas servers.

more options

hey again, i am not sure what kind of attack exactly happened with opera or what kind of security safeguards they are using, so i cannot comment on that.

but yes, what's cryptographically protecting your sync data is in essence your firefox account password, so we advise to pick a strong and unique password for that purpose. if i'm not mistaken we also recently introduced some form of 2-factor authentication so that when a new device wants to connect to your sync account you not only have to provide a password but also demonstrate control over your email account (by clicking a link on a confirmation mail).

i don't think that after closing an account the data is purged immediately (this happens on something like a daily interval) - but deleting an account destroys its encryption keys, so the encrypted blobs on the server become meaningless.

more options

capcomnz said

Does that mean that when I deleted my old account all information was deleted and now I have setup a new account and only syncing bookmarks no 3rd party site passwords should be on Mozillas servers.

How did you "delete" your old account? What exactly did you do?

more options

Hi jscher2000 I simply went under Options -> Sync and clicked on Manage Account That opened a website which gave several options like changing picture, display name, password but also Delete Account.

more options

That sounds conclusive to me. Especially if you were able to create a new account using the same email address.

more options

Actually i created a new account under a different email address and only syn'd bookmarks. That way I get them on my iPad as well.