Just two ways to make Firefox more Secure

Earlier I showed you how to optimize Mozilla Firefox but I didn’t explain how to make the browser more secure.

With the well known news of the Chrome design feature that stores passwords in plaintext, I wanted to write an article about locking down Firefox.

Millions of people depend on web browsers such as Chrome and Firefox everyday and most people trust that the browser is reasonably secure after installation; however, contrary to the consensus, Firefox isn’t as indomitable as people belief think.  Here are two things you can do to make Firefox secure and improve your peace of mind while browsing the web.

  • Don’t save passwords locally
  • Disable third-party cookies

1. Don’t save passwords in Firefox

By default, Firefox wants to remember passwords for sites.  Initially this sounds like a good idea because you can login to all your favorites without having to remember which password goes with which site.  And it makes even more since if you’re the only one who uses your computer, but I suggest you disable password storage anyway because Firefox stores all your passwords in clear text just like Chrome.

Anyone sitting at your computer can easily view your saved passwords.

On the one hand, this isn’t a big deal if you compulsively lock your Windows box (Press the Windows Key + L) or your Mac (Command + Shift + Q) but it’s still a good practice to uncheck saved passwords because it’s too easy to compromise.

Let me show you.

Press Alt + T + O to open the browser options

In the Options dialog box click the Security tab with the little padlock icon
Firefox Privacy Settings

Click the Saved Passwords button

Firefox Password Settings

Click Show Passwords

Firefox View Password Settings Confirmation Box

Answer Yes to the confirmation box and BINGO: here are your passwords in the clear

Firefox Viewing Passwords in Plaintext

To prevent someone from doing this on your computer set a master password.

Back in the Security tab, click Use a master password and a password configuration window pops on the screen.

Set Master Password in Firefox

Now you can set a master password to secure all your saved passwords.

Create a unique password that only you know but that isn’t easily forgotten.

If you forget it you won’t have access to your stored passwords.  The password quality meter fills as you type so keep typing until it’s at least about 80% full – then click OK.

Set a Master Password for Firefox

2. Disable third-party cookies

A cookie is a small text file located in your Firefox profile folder that contains site preferences such as your preferred language, location and login status.  You can view your Firefox cookies in Windows by opening a run command prompt (Ctrl + r) and typing this:

C:\Users\Vonnie\AppData\Local\Microsoft\Windows\Temporary Internet Files

In this sense, cookies aren’t actually bad.  Contrary to popular belief you can’t get a virus from cookies.

Third-party cookies are different because they are set by a website other than the current page you’re on.

For example, if you visit cnn.com and check remember my password – CNN will store a cookie on your machine.  With third-party cookies, you visit cnn.com but instead of CNN setting the cookie on your computer a different website stores a copy on your local machine.  For example, if you used Twitter to tweet a CNN article, Twitter (the third-party) downloads a cookie to your computer.

The problem with this is that some advertisers maliciously use cookies to track your browsing habits so they can study analytics that delineate your browsing behavior.  These unscrupulous sites also track sites you’ve visited that belong to its ad network and do a bunch of other none-of-your-business kind of stuff.

Disable Third-Party Cookies in Firefox

To disable third-party cookies go to the Privacy tab (click the little mask in Options) and make sure Accept third-party cookies is unchecked.

The disadvantage is that some legitimate sites, such as Windows Live, use third-party cookies in a way that doesn’t cause privacy concerns.  In addition, disabling third-party cookies isn’t the panacea for privacy because some advertisers still get through.

That’s why I recommend using the Do-not-track feature instead.

With Do-not-track on, Firefox becomes your advocate for privacy and tells advertisers that you don’t want your browsing behavior recorded.  The sites don’t have to listen to Firefox but websites that honor this option will stop tracking your behavior in the background.

Visit the Privacy panel again and make sure Tell sites that I do not want to be tracked is enabled.

Firefox enable do-not-tracking

The Bottom Line

No browser is perfectly secure and Firefox certainly isn’t the exception; however, by adding a master password to your saved passwords and disabling third-party cookies you can increase you online security.

About

Connect with Vonnie on Twitter

Posted in Mozilla Firefox, Security, Web Browsers Tagged with: