Mozilla Firefox can now secure access to passwords with device credentials

Mozilla Firefox adds another layer of password protection

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Mozilla Firefox has introduced a new feature allowing users to protect their passwords and sensitive information against hackers that obtain remote or physical access to their device.

As is standard for many of its competitors, Firefox can create secure passwords and store them in thebrowserto make it easier for users to quickly log in to accounts when online.

However, this feature does not offer much protection against information stealing malware, so it may be a better idea to invest in one of thebest password managersto keep your credentials safe.

Additional layer of security

The credentials stored within the browser will be accessible using your device’s built in biometrics such as a fingerprint or facial recognition, or can be accessed using a password.

The release notes state that, “For added protection on MacOS and Windows, a device sign in (e.g. youroperating systempassword, fingerprint, face or voice login if enabled) can be required when accessing and filling stored passwords in the Firefox Password Manager about:logins page.”

While the feature is a welcome one, it does not fully protect against information stealing malware, as the credentials are encrypted and stored on a local disk, they can still be stolen by attackers and decrypted using the key stored in the Firefox data. To mitigate this, Firefox recommends that users set a high-strength primary password to encrypt the credentials storage, which will not be stored on the device and is known only to the user.

This primary password is still vulnerable to brute force attacks though, so it is further recommended to use one of thebest password generatorsto ensure the primary password cannot be easily compromised.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

More from TechRadar Pro

Benedict has been writing about security issues for over 7 years, first focusing on geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division),  then continuing his studies at a postgraduate level, achieving a distinction in MA Security, Intelligence and Diplomacy. Upon joining TechRadar Pro as a Staff Writer, Benedict transitioned his focus towards cybersecurity, exploring state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.

This new phishing strategy utilizes GitHub comments to distribute malware

Should your VPN always be on?

VIPRE Security Group says its new endpoint protection tools can stamp out even the latest cybersecurity threats