this post was submitted on
1 point (57% upvoted)
shortlink:

firefox

37,828 readers

684 users here now

Work for Mozilla? Get a verified flair!
Related subreddits

🔥 Get Firefox

Get Firefox Quantum
Get a different build

🧡 Help Mozilla

Volunteer with Mozilla
Answer questions on SUMO

🛠 Get Support

See r/Firefox/Wiki/Support
Try basic troubleshooting
Ask for help on SUMO (Mozilla Support)
Ask for help on /r/Firefox
Found a bug? Report it on Bugzilla

a community for
message the moderators

MODERATORS

0
1

HelpWhat is “chrome://FirefoxAccounts (Firefox Accounts credentials)” under “Saved Logins” section in Firefox? Can I delete it? (self.firefox)

submitted by TheCodesterr

The only thing I can think of is when I imported all my saved logins from Chrome.

I saw it when I downloaded the extension: Saved Password Editor 2.10.1 by Daniel Dawson. I was paranoid that this extension might expose/hack all my passwords, so I deleted it. Do you think it's safe?

all 13 comments
sorted by:
best
topnewcontroversialoldq&a

[–]K900_Arch 3 points4 points  (5 children)

I think that's your Sync password.

[–]TheCodesterr[S] 0 points1 point  (4 children)

Why is it stored in Chrome://?

[–]K900_Arch 8 points9 points  (3 children)

chrome:// is the protocol for "browser chrome" - i.e. the UI. The name was used in Mozilla and Firefox long before the Chrome browser came out.

[–]TheCodesterr[S] 0 points1 point  (2 children)

Oh cool! Didn't know that. Do you know why it's in my logins though?

[–]K900_Arch 0 points1 point  (1 child)

Because you've set up Sync?

[–]rfkelly 1 point2 points  (0 children)

Right, it's there because you've set up sync. More specifically, it's there because the logins data store is the most secure place for storing data in your local Firefox profile, e.g. if you set a Master Password, all that data gets encrypted with your master password.

[–]Masta_BatesFirefox user since 08-2002 2 points3 points  (2 children)

Absolutely nothing to do with the Master Password feature in Firefox.

Somebody set up Sync in that Profile. No other way that will appear in the Password Manager. Importing data from another browser won't create that chrome:// address. Strictly internal to Firefox / that Profile.

If you open Saved Logins and then Show Passwords, right-click that "Site" and select Copy Password. Then paste that into a text editor. You'll see the kA and the kB string that is used for encrypting your data as it is sent to the Sync server and for decrypting it upon return from the server. Looks like this:

{"version":1,"accountData":{"kA":"b8b02f83306f5f0e038c14b3ed82f585b38a40af1f30c85e85c9d95fcc4446e8","kB":"c7961085aab9766b95eek3cfe85319902fc991958cbdf33259276f645a9ce007"}} Obfuscated strings as it's from my browser Sync account in a test Profile.

I have forgotten exactly what kA and kB are specifically used for, but the combination of those 2 "keys" is what encrypts Sync data when that data is off of the device. In transit to the Sync server and while it's sitting on the Sync server.

Those kA & kB strings are created from the user set Password for that Sync / Firefox Account at the time of Password creation or the last Password change. Without those exact keys, the Sync data is virtually useless; can you imagine trying to "guess" an alpha / numeric string with so many characters? That's why changing the Sync Password deletes the data from the Sync server; with a different Password Firefox wouldn't be able to decrypt the data, so it's just deleted from the server as useless.

[–]TheCodesterr[S] 1 point2 points  (1 child)

So everybody must have the address in their saved logins, correct? No need to worry about it or touch it.

[–]gnarlyNightly (Windows x64) 1 point2 points  (0 children)

Correct.

[–]jscher2000Firefox Windows 0 points1 point  (3 children)

If you do not use a Master Password to secure your saved Sync password (and other saved passwords), consider:

https://support.mozilla.org/kb/use-master-password-protect-stored-logins

Please note that a Master Password is purely local: you need to create one on every device you connect to your Sync account.

[–]TheCodesterr[S] 0 points1 point  (2 children)

I do use a Master Password.

[–]jscher2000Firefox Windows 0 points1 point  (1 child)

Excellent.

[–]TheCodesterr[S] 0 points1 point  (0 children)

I actually used Firefox for a while and then everyone switched to Chrome because it's a little quicker. Well, it's definitely not as secure as Firefox. I love it because of the master password. That's why I switched back.

Firefox does things like 1Password would do, but free! Love it.

Use of this site constitutes acceptance of our User Agreement and Privacy Policy. © 2017 reddit inc. All rights reserved.

REDDIT and the ALIEN Logo are registered trademarks of reddit inc.

π Rendered by PID 118519 on app-413 at 2017-11-29 17:21:51.138649+00:00 running 6d060ce country code: JP.

this post was submitted on
1 point (57% upvoted)
shortlink:

firefox

37,828 readers

684 users here now

Work for Mozilla? Get a verified flair!
Related subreddits

🔥 Get Firefox

Get Firefox Quantum
Get a different build

🧡 Help Mozilla

Volunteer with Mozilla
Answer questions on SUMO

🛠 Get Support

See r/Firefox/Wiki/Support
Try basic troubleshooting
Ask for help on SUMO (Mozilla Support)
Ask for help on /r/Firefox
Found a bug? Report it on Bugzilla

a community for
message the moderators

MODERATORS

0
1

HelpWhat is “chrome://FirefoxAccounts (Firefox Accounts credentials)” under “Saved Logins” section in Firefox? Can I delete it? (self.firefox)

submitted by TheCodesterr

The only thing I can think of is when I imported all my saved logins from Chrome.

I saw it when I downloaded the extension: Saved Password Editor 2.10.1 by Daniel Dawson. I was paranoid that this extension might expose/hack all my passwords, so I deleted it. Do you think it's safe?

all 13 comments
sorted by:
best
topnewcontroversialoldq&a

[–]K900_Arch 3 points4 points  (5 children)

I think that's your Sync password.

[–]TheCodesterr[S] 0 points1 point  (4 children)

Why is it stored in Chrome://?

[–]K900_Arch 8 points9 points  (3 children)

chrome:// is the protocol for "browser chrome" - i.e. the UI. The name was used in Mozilla and Firefox long before the Chrome browser came out.

[–]TheCodesterr[S] 0 points1 point  (2 children)

Oh cool! Didn't know that. Do you know why it's in my logins though?

[–]K900_Arch 0 points1 point  (1 child)

Because you've set up Sync?

[–]rfkelly 1 point2 points  (0 children)

Right, it's there because you've set up sync. More specifically, it's there because the logins data store is the most secure place for storing data in your local Firefox profile, e.g. if you set a Master Password, all that data gets encrypted with your master password.

[–]Masta_BatesFirefox user since 08-2002 2 points3 points  (2 children)

Absolutely nothing to do with the Master Password feature in Firefox.

Somebody set up Sync in that Profile. No other way that will appear in the Password Manager. Importing data from another browser won't create that chrome:// address. Strictly internal to Firefox / that Profile.

If you open Saved Logins and then Show Passwords, right-click that "Site" and select Copy Password. Then paste that into a text editor. You'll see the kA and the kB string that is used for encrypting your data as it is sent to the Sync server and for decrypting it upon return from the server. Looks like this:

{"version":1,"accountData":{"kA":"b8b02f83306f5f0e038c14b3ed82f585b38a40af1f30c85e85c9d95fcc4446e8","kB":"c7961085aab9766b95eek3cfe85319902fc991958cbdf33259276f645a9ce007"}} Obfuscated strings as it's from my browser Sync account in a test Profile.

I have forgotten exactly what kA and kB are specifically used for, but the combination of those 2 "keys" is what encrypts Sync data when that data is off of the device. In transit to the Sync server and while it's sitting on the Sync server.

Those kA & kB strings are created from the user set Password for that Sync / Firefox Account at the time of Password creation or the last Password change. Without those exact keys, the Sync data is virtually useless; can you imagine trying to "guess" an alpha / numeric string with so many characters? That's why changing the Sync Password deletes the data from the Sync server; with a different Password Firefox wouldn't be able to decrypt the data, so it's just deleted from the server as useless.

[–]TheCodesterr[S] 1 point2 points  (1 child)

So everybody must have the address in their saved logins, correct? No need to worry about it or touch it.

[–]gnarlyNightly (Windows x64) 1 point2 points  (0 children)

Correct.

[–]jscher2000Firefox Windows 0 points1 point  (3 children)

If you do not use a Master Password to secure your saved Sync password (and other saved passwords), consider:

https://support.mozilla.org/kb/use-master-password-protect-stored-logins

Please note that a Master Password is purely local: you need to create one on every device you connect to your Sync account.

[–]TheCodesterr[S] 0 points1 point  (2 children)

I do use a Master Password.

[–]jscher2000Firefox Windows 0 points1 point  (1 child)

Excellent.

[–]TheCodesterr[S] 0 points1 point  (0 children)

I actually used Firefox for a while and then everyone switched to Chrome because it's a little quicker. Well, it's definitely not as secure as Firefox. I love it because of the master password. That's why I switched back.

Firefox does things like 1Password would do, but free! Love it.

Use of this site constitutes acceptance of our User Agreement and Privacy Policy. © 2017 reddit inc. All rights reserved.

REDDIT and the ALIEN Logo are registered trademarks of reddit inc.

π Rendered by PID 116507 on app-297 at 2017-11-29 17:21:43.811683+00:00 running 6d060ce country code: JP.