Opened 4 days ago

Last modified 4 days ago

#30209 new defect

logins.json data is added unencrypted, maybe that's why people have problems with saved login data

Reported by: sashaman Owned by: tbb-team
Priority: High Milestone:
Component: Applications/Tor Browser Version:
Severity: Major Keywords: encryption, cipher, tbb-8.0-issues, decryption, error, torbrowser, logins.json
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

1)
install TB
disable always private surfing
enable saving login data
open a page with login form, logon and accept saving login data
data is being added to logins.json in unencrypted form
so far all seems right, but you will not be able to USE the saved logins

2)
go options again, set master pass, apply
add another login (go logon somewhere and save)
data is STILL being added to logins.json in UNENCRYPTED form (and unencrypted is not being encrypted)
STILL not able to use the saved data

3)
copy over old logins.json and key4.db
voila, you can use it...
again try to add a new login to the old data -> same as 1) and 2) applies

implies the mechanism is broken
i can not find a fix

Child Tickets

Change History (1)

comment:1 Changed 4 days ago by arma

Summary: logins.json data is added unencrypted, maybe thats why peolpe have problems with saved login datalogins.json data is added unencrypted, maybe that's why people have problems with saved login data
Note: See TracTickets for help on using tickets.