Where are my Firefox passwords saved?

windows-7 firefox osx-snow-leopard password-management
47,897

Solution 1

Firefox keeps your passwords in your profile, and in most/all versions since v2.0 this data is encrypted.

Check out here: http://kb.mozillazine.org/Profile_folder_-_Firefox for locations of the password files on Windows (various versions), Linux and Mac.

  • key3.db - Key database
  • signons.txt - Previous to 2.0.0.2 - Encrypted saved passwords, requires key3.db to work
  • signons2.txt - 2.0.0.2 and above - Encrypted saved passwords (and URL exceptions where "NEVER SAVE PASSWORD" is selected), requires key3.db to work
  • signons3.txt - 3.0 and above - Encrypted saved passwords (and URL exceptions where "NEVER SAVE PASSWORD" is selected), requires key3.db to work
  • signons.sqlite - 3.5 and above - Encrypted saved passwords (and URL exceptions where "NEVER SAVE PASSWORD" is selected), requires key3.db to work.

Solution 2

From Firefox Help - Recovering important data from an old profile:

Your passwords are stored in two different files, both of which are required:

  • key3.db - This file stores your key database for your passwords. To transfer saved passwords, you must copy this file along with the following file.
  • signons.sqlite - Saved passwords.

Thus, I would try searching your computer for these two files and checking them out for yourself...

Solution 3

password forensics has an overview and tools for recovery. The latter is a brute force attack on the master password (if you have it, which you should). The security is as good as your password, basically. This link has more details (same site).

Share:
47,897

Related videos on Youtube

mbb
Author by

mbb

Community Builder.

Updated on September 18, 2022

Comments

  • mbb
    mbb almost 2 years

    In a fear-driven reaction to recent hacking events I thought over my password strategy. The basic question is are my saved passwords in FireFox safe from remote access?

    I.e. where are they kept, are they kept in plain text, are there known vulnerabilities.

    I run OS X 10.6 & Windows 7.

  • Mateusz Jamrocki
    Mateusz Jamrocki about 13 years
    I wouldn't trust it though. My friend installed Chrome and it was able to copy his passwords over. If Chrome can do it, viruses can.
  • user3745303
    user3745303 about 13 years
    He didn't use encryption in that case. If he did, this wouldn't work.
  • Mateusz Jamrocki
    Mateusz Jamrocki about 13 years
    My friend had a master password set, but that wasn't enough to stop Chrome from copying the passwords over. I wouldn't trust the security of it. Any virus that knows how to make SQLite queries can recover data.
  • studiohack
    studiohack about 13 years
    If the OP encrypted these files, he would be safe...
  • Wayne Johnston
    Wayne Johnston about 13 years
    Firefox does encrypt the passwords if you use a master password. See support.mozilla.com/en-US/kb/….
  • Wayne Johnston
    Wayne Johnston about 13 years
    tjameson suggests that since Chrome can copy the passwords they are not safe. This isn't necessarily so. The passwords are encrypted using the master password. Chrome can copy the files containing the encrypted password, and it can decrypt them if it has the master password. It knows how to decrypt them because the method of encryption is public. It's the key (the master password) that keeps things safe. So the reason Chrome was able to decrypt the file was that the user supplied the master password.
  • rlandster
    rlandster about 12 years
    But what kind of encryption does Firefox use? I can find no Mozilla web page that makes this clear. They just say "encrypted" which is less than informative.
  • TylerH
    TylerH almost 3 years
    @rlandster See this (much more recent) Security.SE post on that matter: security.stackexchange.com/questions/215881/…; on Mozilla.org there's also this thread, which mentions hashing 10,000 times: support.mozilla.org/en-US/questions/1275020

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Can I change the Firefox menu to look like the Firefox menu in Windows?
Firefox experiences a sec_error_unknown_issuer error for every HTTPS connection
How to recover Firefox 3.5 bookmarks after upgrade to Windows 7 from XP
Limiting download speed in Firefox
Throttling Bandwidth on Firefox
Force change password upon next logon
Automatically starting a child process with 'High' priority?
force firefox to crash or trick firefox into thinking it has crashed on windows
Can I connect to Windows 7 Remote Desktop with Firefox?
Firefox saves the file without extension