mhammond
commented
8 years ago I'm the main Firefox engineer responsible for Sync's desktop integration and I'm happy to help too.
Open shturm opened 8 years ago
mhammond
commented
8 years ago I'm the main Firefox engineer responsible for Sync's desktop integration and I'm happy to help too.
nazarewk
commented
8 years ago Might be worth mentioning, today my Firefox Sync launched without any issues for the first time ever since installing passifox. Tried restarting browser and it still works!
nazarewk
commented
8 years ago Well, it works only when KeePass is already opened when starting Firefox.
yan12125
commented
7 years ago Just studied the whole scenario in the last few hours. Here are my observations: Firefox Sync stores a pair of keys (kA, kB) in login managers and it will ask for this pair during the first sync after the startup. [1] If you look into your Keepass database, there will be a group "KeePassHttp Passwords" and an entry "firefoxaccounts" in it. (The actual location may vary with different KeePassHttp implementations. Here I use the HTTP module in KeepassXC) So my conclusion is: it's impossible to have a working Sync without running the password manager first.
@mhammond Are you still working on Firefox's Sync service? How do you think?
If everyone here agrees that we should run KeePass first and then Firefox, this issue can be closed. Maybe a warning message in PassIFox is useful. For example, prompting users to open the password manager if the URL is chrome://FirefoxAccounts
mhammond
commented
7 years ago That sounds right. Sync already tries to ensure our master-password implementation is unlocked, but sadly in a way that probably makes it difficult for 3rd party managers to intercept.
benwaffle
commented
7 years ago can we make passifox forward requests to sync's password to Firefox's login manager, even if keepass isn't open?
wilfriedroset
commented
6 years ago I open keepass only when I need it. Opening keepass everytime I open firefox (even for a quick browse) seems painful. I do not have any idea for fixing this problem but I think that I'm not the only one to think that.
Why don't we had an exception for this pair of keys and store them in firefox ? I do not know if this is even possible.
yan12125
commented
6 years ago As Firefox 57 is coming, I would instead suggest forks that implements WebExtensions. All of them use another API to intercept password requests and don't bother with Firefox Sync access tokens.
I'm currently using https://github.com/projectgus/passifox. I've heard that https://addons.mozilla.org/en-US/firefox/addon/keepasshttp-connector/ is a good alternative, too.
wilfriedroset
commented
6 years ago Thanks @yan12125, I've just give a try to keepasshttp-connector. I can confirm that I no longer require to log again and again for firefox sync even if keepass is locked or not started. More over keepasshttp-connector is compatible with Firefox 57 which will soon be released.
Therefore, I will stick with the new extension and I recommand you give to try it to. @yan12125 provide the link in the previous post.
Thanks @pfn for passifox.
It seems PassIFox causes Firefox Sync to fail. I set up Firefox Sync, but when restart it - it says there were sync errors and I have to re-type my password. On every Firefox launch.
I have filed a bug in Bugzilla initially thinking it was due to Firefox issue (boy, there are a lot of them...) but this one seems different. I was told to reference this line in this report: https://github.com/pfn/passifox/blob/master/passifox/components/loginmanagerstorage.js#L187
The original bug in Firefox bug tracker: https://bugzilla.mozilla.org/show_bug.cgi?id=1218166
This behavior is only reproducible when PassIFox is installed. I'm open for further collaboration.