Let me start off by saying that I realize making a statement as bold as the one in the title is blasphemy in the I.T. world, and I also realize that at this very moment I’m probably being brought up on charges of high treason by my fellow computer guru’s, but aside from all that I still have an interesting story and issue that I feel needs to be discussed at least briefly. Yes, I admit, Firefox is a better more secure browser, however there is one feature that is sometimes left insecure which could cause some problems for less experienced or new Firefox users. The feature that I’m talking about is the password manager. For most Firefox users, this handy feature saves a lot of time and hassle when it comes to entering passwords for different online accounts. The password manager stores those passwords for you and enters them automatically when needed. The problem is, that some users (especially new users) fail to realize that unless you place a master password on the manager itself, all your passwords can be accessed within seconds by someone using your computer. Even worse, sometimes users are well aware of this fact and just fail to implement a master password out of sheer laziness. The results of either of these two situations can be devastating. The story below comes from an anonymous submitter.
“My freshmen year of college there were three of us living in a room together. After a few months of living together we had gotten to know each other pretty well and of course enjoyed playing a prank every once in a while. One evening, when our one roommate (we’ll call him Joe) was out of the room, we noticed that he had left his computer unlocked. My other roommate (we’ll call him Steve), feeling particularly devious that evening, decided to check and see if Joe had protected his Firefox password manager with a master password. Much to his surprise, he had not. While Steve could have taken great advantage of this situation, he decided not to and instead teach Joe a little bit of a lesson. Firing up his digital camera, Steve took three pictures containing all of Joe’s passwords. He then attached them to an email and sent them off to Joe. Joe was a bit surprised upon receiving the email, but he quickly learned that leaving so much sensitive data exposed could have resulted in negative consequences. Needless to say, Joe quickly added a master password…and changed a lot of his existing passwords.”
This is just a simple example where no data or information was really harmed or stolen, however imagine something similar happening in a corporate environment with a negligent computer user. In such a case, the results could truly be damaging. I’m not asking anyone to not use Firefox, because it will definitely do a better job protecting you from other online threats than it’s competition. Just keep in mind that even the most secure entities sometimes have minor flaws. Adding a master password might seem obvious to most people, but there’s always someone who just might overlook it!
STEPS FOR ADDING A MASTER PASSWORD
- Select TOOLS followed by OPTIONS
- Select the PRIVACY or SECURITY tab (depending on your version)
- From within this tab, select the PASSWORDS tab
- Select SET MASTER PASSWORD
Technorati Tags: firefox security, firefox, firefox vs. IE, secure firefox
Share This
I must say, for a person that has stated on numerous occasions how much they dislike Firefox, you do have a lot of good things to say about it.
ie: “Yes, I admit, Firefox is a better more secure browser”
However, given that statement, the title doesn’t make a whole lot of sense. You stated that Firefox was much more secure, but at the same time state that IE is more secure because of one issue.
Considering our current field, you must know that many things factor into matters of security. One of those things, specifically, is that of user error. This is a perfect example of this. Firefox gives the user the ability to set a master password. If the user chooses not to use it, then it is the fault of the user. However, at the same time, if the user is unaware of this option–it can be the fault of the software.
On a side note: Setting the master password is located under the Security tab in the options, not the Privacy tab.
No, I’m not stating that IE is overall more secure because of one issue, just that there is one issue where IE beats Firefox in the security realm. The title is more of an irony thing.
[...] too many people who have taken care of that. No, this article was created to shed light on what a colleague of mine considers to be a security flaw. In my opinion it is more a matter of user error, but [...]