Security News > 2024 > June > Mozilla Firefox can now secure access to passwords with device credentials
Mozilla Firefox finally allows you to further protect local access to stored credentials in the browser's password manager using your device's login, including a password, fingerprint, pin, or other biometrics.
To be clear, this new feature does not protect against information-stealing malware but rather prevents people with physical or remote access to the device from using the stored credentials without first authenticating with the device.
Like all modern web browsers, Firefox includes a password manager to create unique passwords for every site you visit and then save them in the browser for easier logins in the future.
While this protects local access to the password manager, it does not prevent information-stealing malware from stealing stored credentials from infected devices.
To further secure Firefox's password manager, Mozilla suggests setting a Primary Password, which is used to encrypt the password database instead. As these Primary passwords are only known to you and not stored on your computer, they cannot be exported by threat actors, tools, or malware unless they first brute force the password.
Primary passwords can still be brute forced, so using a long and complicated password is important to make that task much harder, if not impossible, with current hardware.