Recently, Mozilla has announced through their Foundation Security Advisory that it was possible to copy saved passwords without having a preset master password entry. However, Mozilla is looking forward to solving the problem with a built-in password generator from Firefox version 69 onwards.
With the designation CVE-2019-11733, Mozilla has referred to the impact of the problem as ‘moderate’. The problem is fixed on the devices running on Firefox 68.0.2 and Firefox ESR 68.0.2.
According to the official report, a master password is required before accessing the stored passwords through the ‘Saved Logins’ option. However, it was discovered that in Firefox 69, the saved passwords could be copied to the clipboard with the help of the ‘copy password’ option without entering the master password.
This problem rises the chance of the leakage of personal information. As a solution, Mozilla will be updating the Firefox version into Firefox 69. The update will be available from September 3, 2019.
Whenever the user opens a website using Firefox 69 and will try to create an account, the browser will generate a random secure password for the users. If the generated password is accepted by the user, the password will be saved in the Firefox password manager. The password generator can be activated manually from the ‘Privacy and Security’ section.
