The checkbox in the screenshot refers to the Firefix Password Manager without Master Password, although it doesn't check and it works in both cases. (My initial research reveals complaints and vulnerabilities in old (pre-Sync) versions of Firefox, including confusion about which login components are encrypted and which are not, suggestions that new Sync is "zero-knowledge" (but no clarification on what is stored in plaintext locally), claims that LastPass uses JavaScript for encryption and is therefore inherently insecure and, most confusingly, endorsement of LastPass from Mozilla.) I assume the threat model is something like daily browser use, including entering passwords for online banking etc, and storing and sharing login credentials between browser installations on different machines you own.) ( not comparing LastPass to unsynced Firefox without Master Password).
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |