FREQUENTLY ASKED QUESTIONS for Saved Password Editor

Showing 1-1 of 1 messages
FREQUENTLY ASKED QUESTIONS for Saved Password Editor Daniel Dawson's add-ons support 9/17/17 1:14 AM
NOTE: Saved Password Editor does NOT fill your passwords, so please go to Mozilla Support for help with that. Please do not ask me for support if your passwords are no longer filled.

Is this another password manager?

Actually, this question is never explicitly asked, but I get a lot of support requests that seem to assume that SPE is some sort of password manager that completely replaces Firefox's built-in password management. This is not true! Please do not assume it is! SPE enhances the existing password manager by making it possible to add passwords and edit existing password entries without relying on Firefox (also, SeaMonkey and Thunderbird) to ask you. It also allows you to see more or less what an entry looks like in the database (not including some less-important metadata).

Why aren't my passwords filled when I visit site X, even though I used SPE to add them?
Why can't I use the right-click (context) menu or "Guess from current page" button on site X?

UPDATE: Firefox 42 and the equivalent version of Seamonkey have improved this situation. In addition to the change to not honor autocomplete="off", many more login forms are recognized and handled properly. The Saved Passwords window now allows editing usernames and passwords. This doesn't mean SPE is now useless. There's no guarantee that all login forms will be properly handled. The new editing feature requires you to make all of your passwords visible on the screen, unlike the way SPE handles it, so people might look over your shoulder and read them. There are also still features not supported, such as creating entries without logging in to a given site; now, one might argue that the new built-in functionality makes that unnecessary, but again, I must stress that there's no guarantee it works all the time. SPE may still be useful as a backup for this. It's also convenient to be able to edit and delete passwords by right-clicking the username or password field of a login form.

There are a number of reasons this might happen. The two most likely are that the form simply asked not to be filled, by declaring autocomplete="off" in its code, or that the form was created after the password manager scanned for login forms and thus escaped detection.

Before version 30, Firefox always honored autocomplete="off" requests; now, the preference signon.storeWhenAutoCompleteOff controls whether Firefox will allow such passwords to be stored, and this is enabled by default. However, Firefox may still not autofill in the normal way. In any case, you can work around this problem (see demonstration video) by using SPE to enter the information yourself, if necessary; upon revisiting
the page, click twice on the username field, and select your username from the drop-down list (you can also start typing it instead of clicking a second time). NOTE: some forms are a little more stubborn. Try various things. For instance, if your username is already filled in but not the password, try clearing the username and starting again. Also, try clicking off of the form and then back on the username field.

For the case of a form created dynamically (as opposed to being written directly in HTML) or employing certain other fancy tricks, the password manager cannot be persuaded to recognize it or cannot fill it properly. In that case, the only solution is to use something else. I usually recommend iMacros for Firefox. Although it's much more powerful than is needed for the task, it's one of the few things that work in almost all cases. You should probably enable its master password feature so that the passwords in your macros will be encrypted.

Also, some forms break the password manager's expectations of what a login form is supposed to be (and when this happens, it usually affects Saved Password Editor's detection logic as well, so it's harder to enter anything, although doing so probably wouldn't get you anywhere). Specifically, it must conform to the following criteria:
  • There must be one plain text field (i.e. a single-line text field that displays what you type into it). This holds the username or a similar identification (email address, library card number, etc.).
  • There must be one password field (i.e. a single-line text field that obscures what you type into it). This holds the password or other secret credential.
  • There must be no other text fields between the two. In particular, having two username fields (e.g. a library login that requires both your name and card number) will not fit the model. An exception is a form with two or three password fields; Firefox might assume you are changing your password and ask if you want to update the saved password (if autocomplete="off" isn't in effect, that is). However, a form with two IDs or more than one password-like credential cannot be handled properly.
  • Both credentials must go in the same form on the same page. A login process where you submit only a username and then the server responds with another page where you enter the password also cannot be handled properly.
  • The form should be a proper HTML form and must exist in its final form some time before the page loading is finished. This means that sites that use scripts to build a form (e.g. Windows Live/Hotmail/Outlook Live) might not autofill properly.
If you are interested, there is a representative list of sites known to break the above requirements. However, note that the list can never be complete, but then its first item probably covers most cases.

For all of these, I recommend using iMacros for Firefox.

How do I back up my passwords?
I'm getting a new computer. How do I transfer my saved passwords to it?

This is not really a question about SPE at all. It should be asked on Mozilla Support. However, for your convenience, here are some brief pointers:

For those getting a new computer or similar, just copy your whole Firefox/SeaMonkey/Thunderbird profile, orĀ use Sync to transfer the data to the new computer; that way, you keep all your data, not just your passwords.

If you really just want to copy the password data, see how to back up your profile, as above. Once you locate the profile, the files you want are named logins.json (contains all password data, with usernames and passwords encrypted) and key3.db (contains encryption key). You can also use Password Exporter to transport the passwords (in an unencrypted format). If you have a really old version, the database might be signons.sqlite.