Join the Mozilla’s Test Days event from Dec 2–8 to test the new Firefox address bar on Firefox Beta 134 and get a chance to win Mozilla swag vouchers! 🎁

Avatar for Username

Sykje yn Support

Mij stipescams. Wy sille jo nea freegje in telefoannûmer te beljen, der in sms nei ta te stjoeren of persoanlike gegevens te dielen. Meld fertochte aktiviteit mei de opsje ‘Misbrûk melde’.

Mear ynfo

What exactly is encrypted by Primary Password?

  • 1 antwurd
  • 0 hawwe dit probleem
  • 6 werjeftes
  • Lêste antwurd fan cor-el

cherryseemstolikeme
cherryseemstolikeme
more options

Good afternoon,

I have read in an article a statement that Primary Password encrypts all saved logins, therefore it is safer and recommended to use it. Well, I observed that it does not really matter if the password is set for the contents of logins.json, it does not change. What exactly is encrypted by Primary Password and how does it improve security?

I also tried to set the same password for different websites (I used a different mail tho) and the output in logins.json is different, which is even more confusing to me.

The output itself is kind of strange, the first part of it seems to be the same for almost all entries and looks like that: MEoEEPgAAAAAAAAAAAAAAAAAAAEwFAYIKoZIhvcNAwc.

Good afternoon, I have read in an article a statement that Primary Password encrypts all saved logins, therefore it is safer and recommended to use it. Well, I observed that it does not really matter if the password is set for the contents of ''logins.json'', it does not change. What exactly is encrypted by Primary Password and how does it improve security? I also tried to set the same password for different websites (I used a different mail tho) and the output in ''logins.json'' is different, which is even more confusing to me. The output itself is kind of strange, the first part of it seems to be the same for almost all entries and looks like that: '''MEoEEPgAAAAAAAAAAAAAAAAAAAEwFAYIKoZIhvcNAwc'''.

Keazen oplossing

That is correct, the Primary Password doesn't change the content of logins.json. The PP encrypts the encryption key (seed) that is stored key4.db and logins.json stays the same. This means that replacing this key4.db with an older copy of key4.db that doesn't have the PP applied is able to access the logins in case you forget the PP.

Dit antwurd yn kontekst lêze 👍 1

Alle antwurden (1)

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

Keazen oplossing

That is correct, the Primary Password doesn't change the content of logins.json. The PP encrypts the encryption key (seed) that is stored key4.db and logins.json stays the same. This means that replacing this key4.db with an older copy of key4.db that doesn't have the PP applied is able to access the logins in case you forget the PP.

Behelpsum?

In fraach stelle

Jo moatte jo oanmelde by jo account om op berjochten te antwurdzjen. Stel in nije fraach as jo noch gjin account hawwe.