People are always asking me whether Safari or Chrome are better, but no-one ever asks about Firefox. Strangely, the people who use it have always known it to be a safe and secure browser, and aren't the ones asking which browser they should be using.
Mozilla’s Firefox has an exceptional legacy. It is founded in the purest of grassroots movements in tech. An open source project born from some of the engineers from the original Netscape browser that started it all. Firefox was to be an always-free, open browser that—much like wikipedia—thrived and remained secure, upon the efforts of countless internet community members. It was created to be for the people and the free internet.
It’s a fabulous browser. Compatible with every website I’ve ever come across. Sometimes Chrome, or Safari even, will have some code incompatibility with some website. Firefox remains a go-to browser when a website doesn’t work in my other browsers—unfailingly.
It does many things all of the other browsers do, and it’s fast and efficient. Despite this fact though, I’m finding it to be at the forefront of a very serious problem. While Safari and Chrome will automatically require your computer’s login password to view saved passwords, Firefox doesn’t by default.
Most computer users I know are very reluctant to save their website login passwords in the browsers. Trust doesn’t come easy, but we’ve been told over and over again that it’s safe. Safari and Chrome have exceptional password managers that are secure and would take a great deal of effort to bypass.
Firefox however does not protect your passwords unless you tell it to!
It is a point of extreme sadness whenever I visit a client who has been compromised. 99% of the time these wonderful people have been ravaged by scams that have lead them (one way or another) into allowing a stranger to access their computer’s remotely.
The moment when I ask what browser they use is a significantly painful one.
You see when a scammer is in your computer, it is well within their capabilities to go to the Preferences, scroll down to Security and Privacy, and view passwords for your Saved Logins unchallenged.
How in this day and age is this even possible? Why on earth would someone want to have their passwords unprotected?
The result of course is the panic that ensues when the user—who has often lost significant amounts of money to these scammers—realize that login information has been potentially read by the perpetrator. There’s a great deal of work to be done to secure all of their accounts. We start with email accounts and then work our way down the list of websites by risk.
Fortunately, I have also many times been able to go through all of these logins with the client and determine that there was little evidence of tampering in the actual accounts themselves. For the most part it seems like the payoff is the cash theft—a digital smash-and-grab if you would, with little desire to risk being caught by continuing to exploit a single individual.
That’s small comfort though, and not assertion that I would ever espouse as fact; something that I would never be complacent about.
Secure your passwords
No need to panic though. If you do use Firefox, no need to jump ship. Just enable the Primary Password in Firefox’s preferences. At least this way you will always be challenged with a master password anytime anyone wants to see them.
On your Mac, go to the Firefox application as usual.
Go to the Firefox Menu at the top of the screen, and like with so many other applications, pull down to “Preferences”
On the page that comes up, scroll down to “Security and Privacy” in the list on the side. Continue on the right to scroll down to the passwords area. You will see a button called “Saved Logins”.
Below that is the option to add a Primary Password. Unless you want to make things more complicated, use the same password that you normally use to get into your Mac. Even a four digit code like your iPhone or iPad passcode is more than adequate. Just remember what it is, and write down somewhere safe and secure.