this post was submitted on 25 Aug 2023
61 points (96.9% liked)

Firefox

17884 readers
86 users here now

A place to discuss the news and latest developments on the open-source browser Firefox

founded 4 years ago
MODERATORS
 

Is there a simple app that can transfer everything easily? Like my favorites, browsing history and everything, including autofill setting and whatnot? I really just don't want to redo everything and essentially start fresh.

Edit*

Thank you everyone! I've used chrome for so long and the last time I tried fire fox over 13 years ago it didn't auto transfer anything, so I had no idea. And I will look into a 3rd party for password storage.

I'm not super savy with some things, so I don't really know what you mean by "self hosting" but I guess I'll look into that too.

Again thanks! Looks like I will make the switch!

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 3 points 1 year ago (3 children)

People keep repeating this. But I've never really heard s good reason for why a separate password manager is any more secure.

[–] [email protected] 3 points 1 year ago (2 children)

Firefox's saved passwords are not encrypted and just copying your user profile to another computer will allow someone else to use your credentials.

If you use Chrome, do you really want Google knowing your logins?

[–] [email protected] 3 points 1 year ago

But they are encrypted.

I think you mean if you don't use a primary password. They're still encrypted then, but since they can be used freely from inside the browser they are indeed not protected from someone copying the profile.

[–] [email protected] 2 points 1 year ago (1 children)

Firefox supports a master password to encrypt them with

[–] [email protected] 2 points 1 year ago

But by default it's not encrypted and nobody ever changes the default settings

[–] [email protected] 2 points 1 year ago* (last edited 1 year ago)

Tldr; chromium based browers are more vulnerable to password stealing malware because they encrypt with the OS user creds, Firefox would probably avoid this with a master password, as thats the primary protection of this that password managers offer.

https://www.bleepingcomputer.com/news/security/redline-malware-shows-why-passwords-shouldnt-be-saved-in-browsers/

[–] [email protected] -1 points 1 year ago* (last edited 1 year ago) (1 children)

On top of what has been said on lower security, this is also much worse in terms of privacy. You are giving up your credentials to Google/Mozilla.

Also they do not encrypt (when they do at all)website URLs, only the secret parts (passwords) so this is a downside as well. Anyone getting access (or Google/Mozilla) of the encrypted vault knows what apps/sites you have accounts on. Some password managers do encrypt everything

But yes, primarily it is way easier to steal passwords from a browser, especially when it's synced across many devices including some with lower security (a phone with just a pin, a phone lent to other people, a computer or tablet or phone let open to anyone to change music on Spotify, ...)

[–] [email protected] 2 points 1 year ago

If you have Firefox Accounts and enabled the Sync functionality, your sync login data (usernames, passwords, hostnames) is fully encrypted once it's created and/or modified. However, Mozilla cannot decrypt your usernames and passwords when they are stored on the sync server.

Source: https://support.mozilla.org/en-US/kb/how-firefox-securely-saves-passwords