Hey all, Just wrote all this out for another forum but since I just registered here for some help (
shameless plug) I thought Id share a trick I just discovered.
Problem
If you go to:
Tools > Options > Security > Show Passwords > Show Passwords > Yes
You will notice that anyone who is using your Firefox profile on your computer can look at all your passwords in a matter of 6 clicks of the mouse. I personally dont share a computer and I have a password to login, but I occasionally let friends use my computer and I know that they know about this, so it has annoyed me no end that they could easily see all my passwords. Those reading this might not even have known about this but now you do, I can tell you how to change it. This is especially important if you share a computer and everyone uses the same Windows Profile, as anyone using the profile could see anyone else's username and password.
Solution
NOTE: This does require at least average knowledge of how to navigate Windows and use Windows systems, although I will try and explain everything very simply. As the computer know-how of the average Firefox user is higher than most other computer users, this shouldn't be too hard.
The solution to this isn't miraculously clever, it just hides the 'Show Passwords' button from the Options menu in the profile you are using. There are ways around this (explained at the end) but they are the kind of things only Advanced Users will know about and things you can't just stumble on to, unlike the current system.
You may have noticed that there is a Master Password option which will allow these passwords to be protect by, you guessed it, a master password. However this has a major drawback in that you have to enter this password in order to use
any of the passwords saved in the password manager
everytime you open Firefox. To me this has always been more hassle than its worth so I have declined to do it, but with the beauty of open source I have been informed of another way.
I'll explain this in easy to follow steps...
1) Click the Start Menu and select Run...
2) Type in '%AppData%' and hit Ok
3) Go to Mozilla > Firefox > Profiles > [random numbers/letters].default (assuming you only use the default profile, which most basic users do) > chrome
4) At the top menu bar select Tools > Folder Options > View
5) Uncheck the box that says 'Hide extensions for known file types' and click Ok
NOTE: This will effect all folders, resulting in every file showing its extension (e.g. .mp3, .jpg). If you dont like this, you can change it back right after step 6
6) Create a new text file (Right click > New > Text Document) and name it 'userChrome.css'
NOTE: The filename is case sensitive so use exactly that file name, not UserChrome.css or userchrome.css, or it won't work.
7) When the file is created, right click on it and select 'Edit'. This should open up Notepad (or any other text editor)
8) Copy and paste the following code:
@namespace url("http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul");
button#showPasswords {display: none !important;}
9) Save the file and restart Firefox. The button should have disappeared.
Further Issues
This will
not password protect your passwords or anything like that. If you want to password protect the Password Manager you
must use the master password and put up with the annoyance of entering the master password every time you load Firefox.
Also, someone can just enter the chrome URL (chrome://passwordmgr/content/passwordManager.xul) into the taskbar to bring up the passwords or can simply copy sigons2.txt and key3.db to another profile or another computer to see them. This is
only to remove the button from the options menu, which for me is enough to put my mind at ease.
Any problems, post here. Hope its helpful