Toolkit:Password Manager/Password Generation
- Feature bug: bug 376674
- Open bugs
signon.generation.availablecontrols whether the feature is available for users (e.g. if the about:preferences UI should show).
signon.generation.enabledis the user pref to enable/disable the feature from about:preferences.
Firefox 70 (Desktop only)
See Y in AC MVP (AC stands for autocomplete) column of the backlog for work targeting Firefox 70.
Generate a single password format for all websites but allow the user to reveal and edit the password. Fill generated passwords via the two new UIs:
- autocomplete on autocomplete="new-password" fields
- context menu on any password field (even if it's not intended for new passwords)
Only a single field is filled for this version.
Generated passwords automatically save (if there are no conflicts) and/or a dismissed doorhanger appears to allow saving whenever one is filled. Any edits to the field that was filled should get reflected in the doorhanger and/or storage.
The user can reveal, edit and cut/copy the generated password when it is focused.
Generation is disabled in private windows for this initial version.
List of popular sites using autocomplete=new-password
Firefox 72 (Desktop only)
bug 1566536 - Allow generating passwords in private windows
Firefox 74 (Desktop only)
bug 1595915 - Context Menu: have suggest secure password option at the top of the main list
Firefox 76 (Desktop only)
Use Fathom (machine learning model) to offer password generation on sites that don't use
Firefox 77 (Desktop only)
- Fills both the new password field and the confirmation field at the same time (bug 1576490)
0 Total; 0 Open (0%); 0 Resolved (0%); 0 Verified (0%);
31 Total; 31 Open (100%); 0 Resolved (0%); 0 Verified (0%);
There are many enhancements possible for the feature which aren't part of the "AC MVP" column. Check the other rows for more details. Some of the key ones are:
- Use heuristics to not autofill saved logins when
autocomplete="new-password"isn't used (bug 1623431)
- Generating a password more appropriate for the site (length, character classes, etc.)
- Requesting a new generated password if the user needs a different one (bug 1569568)