Over the years, many have touted Mozilla's Firefox as one of the most secure Web browsers. But as with other browsers, the security level offered depends on the settings. Some security features need to be manually enabled. Those turned on by default should still be double-checked.
Follow these five steps to lock down Firefox. Start with the essentials in the browser's own settings, then choose some useful add-ons. Finally, keep track of your plug-ins so you can patch the inevitable security holes.
Enable a master password
Like other browsers, Firefox by default allows anyone who accesses your computer to log in to sites where you've saved the password. And as with Google Chrome, a list of the saved usernames and passwords can be viewed via the Options menu of Firefox.
Fortunately, Firefox offers a master password feature that encrypts and password-protects the saved password list. When enabled, you must enter the master password the first time you use a saved password, once per browser session. Additionally, even though you enter the master password the first time, you must always enter it before you can view saved passwords via the Options menu. This is a great feature to help prevent casual snooping of your passwords. It even prevents most third-party utilities from recovering them.
To enable the master password feature, open the Firefox menu, select Options, select the Security tab, and then check the Use a master password option.
Use a strong password for syncing
Like Google Chrome, Firefox has a syncing feature to synchronize your bookmarks, passwords, and other browser data to Firefox browsers running on other computers and devices. Fortunately, Firefox encrypts all synced data, not just your saved passwords (as Google Chrome does). Additionally, Firefox has more security than what Chrome offers by default when you're setting up a new computer or device to sync. In Firefox, you must log in with your Firefox Sync password. Then you must either enter a random passcode from the new device into one that you've already set up, or take the recovery key from a device you've already set up and input that key into the new device.
So you don't have much to worry about with Firefox syncing—as long as you use a strong password, one with upper- and lowercase letters, numbers, and special characters. If someone knows or cracks the password, and has access to a device you've already set up with syncing, they can then set up other devices with syncing and access your passwords and other browser data.
To enable or change sync settings, open the Firefox menu, select Options, and select the Sync tab.
Sign up for Computerworld eNewsletters.