this post was submitted on 25 Aug 2023
61 points (96.9% liked)

Firefox

17943 readers
55 users here now

A place to discuss the news and latest developments on the open-source browser Firefox

founded 4 years ago
MODERATORS
 

Is there a simple app that can transfer everything easily? Like my favorites, browsing history and everything, including autofill setting and whatnot? I really just don't want to redo everything and essentially start fresh.

Edit*

Thank you everyone! I've used chrome for so long and the last time I tried fire fox over 13 years ago it didn't auto transfer anything, so I had no idea. And I will look into a 3rd party for password storage.

I'm not super savy with some things, so I don't really know what you mean by "self hosting" but I guess I'll look into that too.

Again thanks! Looks like I will make the switch!

all 49 comments
sorted by: hot top controversial new old
[–] robolemmy@lemmy.world 102 points 1 year ago (4 children)

I highly recommend switching to a 3rd party app for passwords, payment info, etc. I know Bitwarden is a trusted app with a free tier that can import from chrome.

It’s more secure than chrome or Firefox “vaults” and it’s backed up online and synced between devices automatically. It also doesn’t tie you to one browser. There are apps for iOS, android, windows, macOS, and Linux plus plugins for all major browsers.

[–] AxleGrinder@lemmy.world 20 points 1 year ago

This is the correct answer. The bitwarden extension is pretty good too at autofill on a page and the ability to self host is really important. I don't know how I lived without it at this point.

[–] lily33@lemm.ee 6 points 1 year ago (2 children)

However, the bitwarden extension autofill isn't as good as the one built into Firefox or Chrome. It doesn't work well on some sites and you have to copy manually.

[–] russjr08@outpost.zeuslink.net 5 points 1 year ago

That's odd to hear! I certainly believe it, because I've had this issue with other password managers in the past - but I haven't come across this with Bitwarden on desktop. Mobile however, I definitely get issues where it won't prompt the autofill button on the keyboard, sometimes tapping the password field will cause it to realize its there, other times I have to use the quick settings tile to autofill.

You might be able to workaround the problematic sites though using their custom fields attributes for logins.

[–] fushuan@lemm.ee 3 points 1 year ago

I still prefer it because then I can have teh app on the phone and log into wherever from it, and if I'm in a foreign pc I can log into the vault and copy the passwords. It also works across browsers, so the firefox at home and the edge at work are synced by default

[–] KiloGex@lemmy.world 1 points 1 year ago

Could not agree more, and just came there to say this.

I work at a small retail store with an online shop. Multiple times we've had parents call us to cancel online orders where their kids purchased something using their parent's stored credit card info. Those things really should be locked behind a password.

[–] ocassionallyaduck@lemmy.world 27 points 1 year ago (1 children)

I mean, out the gate Firefox will import a huge chunk of that. Like, literally everything you listed.

You should install it and try.

That said, I will echo others that getting setup with something like KeePass is worthwhile. You set it up, add a browser extension to connect to it l, and now the passwords are REALLY secure and not limited to your browser and much more complex functions are available to you if you want to nerd out.

[–] cy_narrator@discuss.tchncs.de 1 points 1 year ago (2 children)

Dont forget to mention that you have to manually backup your keepass vault somewhere safe and make sure all of your devices have the latest version of it.

Also that Keepass master password is kind of important to remember

[–] ocassionallyaduck@lemmy.world 1 points 1 year ago

shrug

Save it in a cloud synced folder, or one synced with Syncthing.

And yes, not forgetting your master password is and will always be critical. Do... You want it to have back doors?

[–] ocassionallyaduck@lemmy.world 1 points 1 year ago

Oh, and no they do not need the latest version, at all.

The vault is interoperable between major versions, so this is just untrue.

[–] Underpay@feddit.nl 20 points 1 year ago (1 children)

I'm prettey sure Firefox can do that, and like others said: it is better to use a password manager like Bitwarden (you can also selfhost it) instead of Firefox's built in one.

[–] lemmyvore@feddit.nl 1 points 1 year ago (1 children)
[–] Underpay@feddit.nl 4 points 1 year ago (2 children)

If I remember correctly if you use your browser's password manager anyone with access to your PC can see your passwords, with Bitwarden or Keepass (or any other password manager) you need the master password.

Also I thought that the browser also saves the passwords unencrypted but I'm not sure if that's true.

[–] lemmyvore@feddit.nl 3 points 1 year ago (1 children)
[–] chayleaf@lemmy.ml 1 points 1 year ago

Firefox Desktop uses simple cryptography to obscure your passwords

Obscure, not secure. It's trivial for any program you've installed to read them.

As long as you have a master password it's basically the same as a password manager, Bitwarden is more convenient because it works across apps on your phone.

[–] sio2@lemmy.ml 18 points 1 year ago (2 children)

C:/users/user/appdata/local/Google/Chrome/User Data/Default - Web Data file. Copy and paste it to the same directory of your new browser and the autofill data will get transferred. please use a password manager for passwords. I suggest Bitwarden.

[–] kratoz29@lemm.ee 4 points 1 year ago (1 children)

Wait, all that valuable data is easily accessible from there!?

[–] sio2@lemmy.ml 5 points 1 year ago (1 children)
[–] kratoz29@lemm.ee 1 points 1 year ago
[–] TheWildTangler@lemmy.world 2 points 1 year ago (2 children)

Yes use Bitwarden for sure. Its open source and only $10 per year if you don't want to self-host it. If you're a really light user, you might even get away with the free account.

[–] Tywele@lemmy.dbzer0.com 5 points 1 year ago (1 children)

A free account is enough for almost everyone not only really light users.

[–] TheWildTangler@lemmy.world 1 points 1 year ago (1 children)

Anyone not using TOTP is a pretty light user security-wise.

[–] Tywele@lemmy.dbzer0.com 2 points 1 year ago (1 children)

There are other apps you can use for that which are free.

[–] AuroraBorealis@pawb.social 2 points 1 year ago

Keepass-xc is good

[–] zerosignal@lemmy.world 4 points 1 year ago (1 children)

The free version of BW is sufficient for most users. The big draw for the paid version is TOTP

And organizations. My wife and I share passwords.

[–] Moonrise2473@feddit.it 10 points 1 year ago (2 children)

Favorites are migrated by the welcome wizard.

Password and credit cards you should migrate them to bitwarden free as it's more secure and cross platform

Auto fill on Firefox works much much better than chromium browsers (that I had to keep it disabled because it always messed up shipping addresses)

[–] realitista@lemmy.world 1 points 1 year ago

Autofill doesn't work for me at all on Firefox in Czech language sites. It only works if I'm filling the exact same form on the exact same site twice, otherwise it won't recognize the common fields like name, address, telephone (in czech of couse).

Any idea how to fix this?

I personally don't store my CC info in my browser any form. This does two things for me:

  1. Reduces impulse purchases - that extra step of finding my CC is often enough for me to reconsider
  2. Limits fraud from a compromised account to just my accounts

But if I did, I would prefer to store it in Bitwarden than my browser.

[–] bloubz@lemmygrad.ml 6 points 1 year ago (1 children)

As said previously, strongly strongly recommend not using browsers to store passwords and paiement cards. Bitwarden and keepass are well known good options, but if you trust Proton you should try their new password manager Proton Pass which has a free tier (not affiliated to them) For the moment I still have an active license on 1password so haven't switched over yet

[–] lily33@lemm.ee 3 points 1 year ago (3 children)

People keep repeating this. But I've never really heard s good reason for why a separate password manager is any more secure.

[–] RiderExMachina@lemmy.ml 3 points 1 year ago (2 children)

Firefox's saved passwords are not encrypted and just copying your user profile to another computer will allow someone else to use your credentials.

If you use Chrome, do you really want Google knowing your logins?

[–] lemmyvore@feddit.nl 3 points 1 year ago

But they are encrypted.

I think you mean if you don't use a primary password. They're still encrypted then, but since they can be used freely from inside the browser they are indeed not protected from someone copying the profile.

[–] lily33@lemm.ee 2 points 1 year ago (1 children)

Firefox supports a master password to encrypt them with

[–] Moonrise2473@feddit.it 2 points 1 year ago

But by default it's not encrypted and nobody ever changes the default settings

[–] Krotiuz@kbin.social 2 points 1 year ago* (last edited 1 year ago)

Tldr; chromium based browers are more vulnerable to password stealing malware because they encrypt with the OS user creds, Firefox would probably avoid this with a master password, as thats the primary protection of this that password managers offer.

https://www.bleepingcomputer.com/news/security/redline-malware-shows-why-passwords-shouldnt-be-saved-in-browsers/

[–] bloubz@lemmygrad.ml -1 points 1 year ago* (last edited 1 year ago) (1 children)

On top of what has been said on lower security, this is also much worse in terms of privacy. You are giving up your credentials to Google/Mozilla.

Also they do not encrypt (when they do at all)website URLs, only the secret parts (passwords) so this is a downside as well. Anyone getting access (or Google/Mozilla) of the encrypted vault knows what apps/sites you have accounts on. Some password managers do encrypt everything

But yes, primarily it is way easier to steal passwords from a browser, especially when it's synced across many devices including some with lower security (a phone with just a pin, a phone lent to other people, a computer or tablet or phone let open to anyone to change music on Spotify, ...)

[–] lily33@lemm.ee 2 points 1 year ago

If you have Firefox Accounts and enabled the Sync functionality, your sync login data (usernames, passwords, hostnames) is fully encrypted once it's created and/or modified. However, Mozilla cannot decrypt your usernames and passwords when they are stored on the sync server.

Source: https://support.mozilla.org/en-US/kb/how-firefox-securely-saves-passwords

[–] gonzoknowsdotcom1@monero.town 6 points 1 year ago
[–] littleme@infosec.pub 5 points 1 year ago
[–] richardazia@kbin.social 4 points 1 year ago

In the current era when you install a new web browser it will ask you which old browser you want to import your data from. It will also allow you to create an account with the browser company to keep it synched. You can swap browsers daily if you like. It's relatively quick to do.

[–] yata@sh.itjust.works 3 points 1 year ago

All browsers gives you the option to import the information from your old browser nowadays, including Firefox (even Edge does it). It has long since become an industry standard.

[–] Bbbbbbbbbbb@lemmy.world 2 points 1 year ago (1 children)

When i switched to edge I was able to import all that information over. Whatever you switch to will also likely have that feature

[–] sun_is_ra@sh.itjust.works 4 points 1 year ago

Edge is based on google chrome and so does brave. Firefox is completely different webbrowser

[–] RedWizard@lemmygrad.ml 1 points 1 year ago

Me and my family use 1Password for password management. I would stay as far away from LastPass as you can they have an AWFUL track record of keeping your information safe and secure.

[–] Endorkend@kbin.social 0 points 1 year ago (1 children)

What doesn't get imported by Firefox automatically can be downloaded from your google account directly. Every single bit of data they have on you.

[–] cy_narrator@discuss.tchncs.de 0 points 1 year ago

Oooooooooooo