There have been many improvements to the password manager in Firefox and some of them may take a while to be noticed so I thought I would highlight some of the user-facing ones in version 67:
about:config
.autocomplete
attribute are no longer considered as potential username fields.autocomplete="new-password"
will no longer be autofilled with saved logins. They will still be accessible via autocomplete and the context menu though.Credit for the fixes goes to Jared Wein, Sam Foster, Prathiksha Guruprasad, and myself. The full list of password manager improvements in Firefox 67 can be found on Bugzilla and there are many more to come in Firefox 68 so stay tuned…
Comments
Master password annoyance
But no integration with secret service in Linux so master password needs to be reentered every time you open Firefox nor is there an API to allow external password managers
RE: Master password annoyance
We are considering using the OS key store for storing encryption keys but I don't have any definite plans to share.
There are many 3rd-party password managers that work fine in Firefox and there is an API for those extensions to disable Firefox's built-in password manger.
Password store sync?
So will the new password handling be compatible with Mozilla's Sync Server? I'm heavily using SS for synchronizing bookmarks, tabs and passwords too, so it would be a pity if this ability gets dropped.
RE: Password store sync?
Yes, nothing about login storage or sync has changed.
Doing something about sites where no offer to save password
All of that is fine and dandy, but THE thing I would like to see is something done about sites where Firefox does not offer to save the password (on several of which Chrome DOES). The simplest solution, which i would like to see, is the ability to manually add an entry in the Password Manager.
RE: Doing something about sites where no offer to save password
I'm happy to share that we have made a major improvement to this area in Firefox 68 and there are more improvements to saving coming. We already have work in progress to allow you to manually add a login as well. :)
What's the correct CSS to set
What's the correct CSS to set the autofill background color ? Many websites look terrible with yellow boxes splatted on them.
https://wiki.mozilla.org/CSS/:autofill is unhelpful as the bugs are years old.
RE: What's the correct CSS to set
This is the first I've heard of issues about the colour even though we've used this colour for years for address autofill in the US. Bug 740979, linked from that wiki page, is the correct bug for adding support for changing the colour. The bug age isn't that important since we haven't had any complaints yet and therefore it wasn't a priority to fix. Could you please file a bug and provide URLs and/or screenshots of where it doesn't look good?
Highlighting.
V 67.0
How do I disable or permanently remove the yellow highlight? My page, as the commenter above wrote, looks awful. I also just do not like it or need it. I have no problem with saving login/passwords. Thank you.
At the enclosed link re Correct CSS to set - There is no solution, although my ability to read technical explanations is not great. I do understand that this is not a security issue - it's just aesthetics (!!!)
RE: Highlighting
See the earlier comment where I asked for example URLs and screenshots to be filed in a bug. There isn't a way for sites to override the colours as nobody has complained in the many years we've been using this style for address autofill. Without being able to see the problem we won't be able to come up with a solution.
Extra work for logins
Prior to 67.0, when I clicked DON'T UPDATE in a login, the WOULD YOU LIKE TO UPDATE THIS LOGIN? would go away, at least for awhile. Now it pops up every time I log in. I do not want to save my logins. All this has accomplished is to force me to click and extra DON'T UPDATE every time. This is in no way an improvement - it's just wrong.
RE: Extra work for logins
Please file a bug about this as it isn't expected: https://bugzilla.mozilla.org/enter_bug.cgi?product=Toolkit&component=Pas...
RE: Extra work for logins
I have verified the 3 main versions of Firefox (Release v67.0, Beta v68.0b5 and Nightly v69.0a1) and all behave the same, considering the appearance of the save/update password door hanger.
These are the details:
1. The "Save password" door-hanger appears every time if the user selects "Don't save" every time.
2. If the user selects "Never save", it will not appear at all for the site in question.
3. If the user saves his credentials and then changes his password, then the "Update password" prompt will appear every time if the user selects "Don't update" every time. Furthermore, this "Update password" door-hanger does not offer the option to "Never update", which would not make much sense.
Things I consider wrong:
4. When a set of credentials is already saved for the site in question, and another set is introduced, the user has the option to save it or not save it, but he does not have the option to "Never save" (to block the door-hanger on the site in question).
5. When the user saves a credential and then manually blocks the appearance of the door-hanger by manually blocking the website in the exceptions list in Preferences (or firstly blocks the site by "Never save" option on the door-hanger and then manually introduces a credential set on in Saved Logins), then, if the user changes his password, then the door-hanger to update the password will not appear and the auto-fill will be made with the incorrect password every time (until the user manually changes the password from the Saved logins).
Matt, can you please give me a feedback? Which of the situations above are expected and which are not? I'll log anything that needs logging.
RE: Extra work for logins
Can you file a bug with STR on this? Does it depend on the username being empty or having the same password stored? This code is maybe related.
Hmm… that case should work the same as your #3 so please file a separate bug on this.
Thank you very much!
no more password selection with the mouse
With Firefox 67 on macos, I think there is a regression when selecting between passwords.
Before FF 67, when 2 or more passwords were stored in password manager for a website, clicking the account in the list of suggested passwords filled the fields. Furthermore you could choose another login/pw if you wanted to.
Now with FF67, you have to select the account *and* type Enter. It is very annoying and, imho, an ergonomy regression, since your hand has to leave the mouse, use the keyboard, and return to the mouse.
I didn't see that issue on bugzilla, should I create a ticket there ?
RE: no more password selection with the mouse
Yes please. That wasn't an intentional change and I haven't seen any other reports about that.
RE: no more password selection with the mouse
This eventually got filed at https://bugzilla.mozilla.org/show_bug.cgi?id=1565318
I 'second that' > no more password selection with the mouse
THANK YOU for mentioning this, Fanch..
MATT > This is true for me, also... We used to be able to just select which sign-on credential set we wanted to use by mouse-clicking the username...
Now the mouse-clicking doesn't result in anything other than highlighting a selection from the list and then I have to hit TAB to get the credentials to 'paste' into the fields.. Being able to doubleclick with mouse on the username was much better..
ok, as every new release, a
ok, as every new release, a new wonderful fantastic super useful feature to be disabled... How this can be reverted? If a site ask me a password, and i already saved it, then means I SIMPLY WANT FIREFOX FILL THAT PASSWORD. I don't want to chose my username under the password field to see the field filled with the password. I simply want the password at its place without extra clicks. So, please, how can this be reverted to previous behavior?
RE: ok, as every new release, a
How can what be reverted? You haven't given enough information to know what change you are talking about. Did you perhaps uncheck the checkbox to disable login autofill? From the main menu go to "Logins & Passwords" and make sure the checkbox is still checked.
Thank you for the answer and
Thank you for the answer and sorry for my bad english, I try to better elaborate my problem:
In previous firefox versions, if i browse to a page with a login form with saved data, i can see the login and password fields already filled in (the password field with a series of dots, of course.
In firefox 67 (yes, the autofill checkbox is checked), when I browse to the same page, the login field is correctly filled, but the password field no. Under that field there is a one line dropdown with the username and a key icon. If i want to fill the password field i have to select the username.
This is clearly an usefulness extra step. Why, if my credentials are already stored i have to select that username under the password field?
Does the website maybe use
Does the website maybe use `autocomplete=new-password` on the password field?
View Saved Logins
This View Saved Logins is annoying and really serves no purpose.
Can you tell me how to stop seeing it every time I go to a webpage that I have saved username/password???
The purpose it serves is to
The purpose it serves is to get access to your login when the website has changed the domains they use. There isn't a way to shut it off. Other browsers also have it.
password exporter / how to export/import .csv to the latest FF?
Hi,
Im using firefox since the very first version. Im used to have a password exporter addon to store my passwords outside of my os as a backup in an external storage. Few versions earlier firefox just destroyed the password export addon somehow, and im stuck with the issue. I have exported my passwords in an XML file (password exporter addon), and im unable to use import/export features since Firefox 60+ versions.. I have been searching for ages online forums to find an alternative way (thanks, but no, i dont want firefox sync or cloud storage for my passwords) and i have seen there are thousands of users all over the web with the same issue. Yeah, I found very complicated technical methods for export, but for import there is nothing just the manual typing.. There was a promise about a new password manager feature for Firefox 67 (here: https://www.ghacks.net/2019/02/12/firefox-67-password-manager-improvements/) but i didnt found anything like this in the latest version. Im talking in the name of 1000s of users: Can you help us somehow to provide a simple button solution for this issue? Thanks!
RE: password exporter / how to export/import .csv to the latest
Firefox can import passwords from Chrome, IE and Edge on Windows. If you can import to them first then Firefox will import the logins.
Add new comment