Users of the Foxylicious Firefox extension are advised to upgrade to the latest version in order to keep their passwords safe. Older versions of the extension stored your password in plain text, which is a very insecure practice.
While poking through about:config last night, I discovered my del.icio.us password stored in plain text among Foxylicious’ saved preferences. This is a serious security vulnerability that makes your password vulnerable to theft.
The good news is that Foxylicious has fixed this security vulernability. I contacted the extension’s author, who confirmed that Foxylicious now makes use of Firefox’s built-in password manager. I tested the current version, and it does indeed store your password in a more secure manner.
If you are like me and have neglected to update Foxylicious since first installing it however long ago, I advise that you upgrade to the latest version. I also recommend that you delete your password from Foxylicious’ configuration settings.
- Type about:config into the Firefox address bar and press enter/return.
- Type foxylicious.password into the Filter field.
- Right click (CTRL+Click if you have a Mac) on the foxylicious.password entry and select reset.
0 responses
There are no comments yet... be the first and leave yours below.
Leave a Comment