
The Firefox password manager vulnerability

The Firefox password manager vulnerability

Posted Nov 30, 2006 3:26 UTC (Thu) by rsw (guest, #4248)
Parent article: The Firefox password manager vulnerability

One possible solution is to move away from passwords as an authentication key. Why can't servers generate an SSL certificate based on the username? Of course, then there would be an issue of carrying the certificates around wherever access is required, but perhaps something like Schneier's Password Safe equivalent could be used.

But as an initial fix, the Firefox UI will need to change to be less automated, requiring a positive action by the user to cause the fields to be entered.



The Firefox password manager vulnerability

Posted Nov 30, 2006 8:47 UTC (Thu) by beejaybee (guest, #1581) [Link]

Actually passwords are fine _provided they're used only once_. The point being that disclosing a password for any reason compromises it, even if the reason is to gain access to the password-protected service.

What we really need is something like a smartcard which will generate one-time passwords and automatically communicate the next valid password to the service provider once access has been granted.

Firefox has fallen into the "convenience trap" here & urgently needs to be fixed. The quick (?) hack of copying the Opera "magic wand" procedure is probably the best mechanism for low to medium security requirements in the short term.

The Firefox password manager vulnerability

Posted Nov 30, 2006 21:05 UTC (Thu) by rriggs (subscriber, #11598) [Link]

> Actually passwords are fine _provided they're used only once_. The point being that disclosing a password for any reason compromises it, even if the reason is to gain access to the password-protected service.

Unless I misunderstand what you are saying, your logic is flawed. One has to disclose the password to set it in the first place.

The Firefox password manager vulnerability

Posted Dec 3, 2006 16:02 UTC (Sun) by k8to (subscriber, #15413) [Link]

I believe your parent is referring to the idea of having a password which is never set, but it is merely pre-arranged.

That is, a one-time password system where both parties can generate an unending linear set of passwords, so each password is generated by, and known to both parties in advance, but is only disclosed the once to authenticate. Traditional passwords become less secure as they are used. One-time passwords are discarded on use, so there is no lessening of security.

The downside of one-time passwords of course is they take even more effort than regular passwords, and at the rate at which password (ab)use is multiplying, I think neither is sustainable.
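One concrete instance of the pre-arranged sequence k8to describes is a Lamport-style hash chain (the construction behind S/KEY): both sides can derive the whole sequence, each password is sent exactly once, and the server learns the next expected value from the one it just accepted. This is an added illustration, not code from the thread; the seed, class names and chain length are assumptions.

```python
import hashlib
import secrets


def h(data: bytes) -> bytes:
    """One-way step of the chain (SHA-256 is assumed here)."""
    return hashlib.sha256(data).digest()


def make_chain(seed: bytes, n: int) -> list[bytes]:
    """Return [h^1(seed), ..., h^n(seed)]; passwords are spent from the end backwards."""
    chain, x = [], seed
    for _ in range(n):
        x = h(x)
        chain.append(x)
    return chain


class Client:
    def __init__(self, seed: bytes, n: int):
        self._chain = make_chain(seed, n)
        self._enrolled = self._chain.pop()      # h^n(seed): the only value the server stores up front

    def enrollment_value(self) -> bytes:
        return self._enrolled

    def next_password(self) -> bytes:
        """Reveal h^(k-1)(seed) once; after that it is gone from the client too."""
        if not self._chain:
            raise RuntimeError("chain exhausted; re-enroll with a fresh seed")
        return self._chain.pop()


class Server:
    def __init__(self, enrolled: bytes):
        self._last = enrolled                   # hash of the next password we will accept

    def verify(self, password: bytes) -> bool:
        if h(password) != self._last:           # wrong, replayed, or out-of-order value
            return False
        self._last = password                   # the accepted value becomes the next check
        return True


def demo(seed: bytes = secrets.token_bytes(32)) -> list[bool]:
    """Login, replay of the same password, then the next password in the chain."""
    client = Client(seed, n=5)                  # constructed: short chain for illustration
    server = Server(client.enrollment_value())
    p1 = client.next_password()
    first, replay = server.verify(p1), server.verify(p1)
    second = server.verify(client.next_password())
    return [first, replay, second]              # expected [True, False, True]
```

The replay check is the whole point of beejaybee's "used only once": once the server has stored a revealed value, presenting it again fails because it no longer hashes to the stored check value.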

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds