為了改善您的使用體驗,本網站正在進行維護,部分功能暫時無法使用。若本站的文件無法解決您的問題,想要向社群發問的話,請到 Twitter 上的 @FirefoxSupport 或 Reddit 上的 /r/firefox 發問,我們的社群成員將很快會回覆您的疑問。

搜尋 Mozilla 技術支援網站

防止技術支援詐騙。我們絕對不會要求您撥打電話或發送簡訊,或是提供個人資訊。請用「回報濫用」功能回報可疑的行為。

了解更多

Should I first delete all saved passwords before assigning master password firefox 21

  • 6 回覆
  • 9 有這個問題
  • 34 次檢視
  • 最近回覆由 cor-el

more options

I want to start using the 'Master Password' feature. There are a couple of hundred 'stored' passwords in the Options-Security-Saved Passwords tab so I'm wondering if it would be best to delete ALL of these before setting up a Master Password. I will be changing and deleting several of the 'stored' passwords anyway. But my main question is whether or not the 'Master Password' would encrypt All of the existing 'stored' passwords and what if they have already been comprised by surfing anyway??

I want to start using the 'Master Password' feature. There are a couple of hundred 'stored' passwords in the Options-Security-Saved Passwords tab so I'm wondering if it would be best to delete ALL of these before setting up a Master Password. I will be changing and deleting several of the 'stored' passwords anyway. But my main question is whether or not the 'Master Password' would encrypt All of the existing 'stored' passwords and what if they have already been comprised by surfing anyway??

被選擇的解決方法

Al current passwords will be encrypted with the Master Password if you set one and that includes passwords that you already have saved. So there is no need to delete the current passwords.

從原來的回覆中察看解決方案 👍 16

所有回覆 (6)

more options

No need to delete that.

Master passwords are used to protect the saved passwords.

Know more about Master Passwords

more options
more options

What if the existing 'Stored' list has already been comprised by surfing or some other invasion??

Question is, are 'new' user names and passwords protected better when they are 'entered' and 'saved' by firefox after you have a 'Master Password' enabled??

I guess I don't understand how the M/P protects the 'saved list'.

I'm thinking it has to be best to build a 'new' list after the M/P is created. Probably should change all the old passwords anyway. "Just because you're paranoid doesn't mean they aren't after you" Joseph Heller.

more options

The names and passwords are encrypted with a Triple DES key that is stored in key3.db and the master password adds an additional level to that encryption.
If you do not use a master password then having access to key3.db and signons.sqlite is sufficient to have access to the encrypted names and passwords by placing the two files in a Firefox profile folder.
Always use a strong master password (e.g at least 12 characters) that can't be easily guessed or found via a dictionary look up or a script and you should be safe.
Make sure that you remember that master password or else all your passwords are lost.
You always need the matching file key3.db that was used to create a signons.sqlite file to make it possible to decrypt signons.sqlite.

more options

While this does not answer my 'simple' question, it is, nonetheless, a very technical answer about the purpose of using a 'master'.

The 'simple' question was "are new user names and passwords protected better when they are 'entered' and 'saved' by firefox after you have a 'Master Password' enabled??

I am going to assume that there is 'technically' no advantage, but it might be a good time to 'remove' all existing 'stored' p/w and start new with creating a M/P and re-entering or better yet changing the old passwords and letting them be saved anew. I 'screen-printed' the existing Stored passwords and copied to a word doc, plus I turned the doc landscape, R-clicked the image of each page and increased the 'size' to 100% (in my case) so I could read the copied user name / password list (each screen-print image would fill one page in the word doc). I guess I will have to tell it to NOT save the old p/w and wait until I Change it to actually 'save' it. Good luck. Maybe I'm just insane, but remember - "Just because you're paranoid doesn't mean they aren't after you" Joseph Heller.

more options

選擇的解決方法

Al current passwords will be encrypted with the Master Password if you set one and that includes passwords that you already have saved. So there is no need to delete the current passwords.