Project Goal

Significantly increase adoption and engagement with the Firefox password manager while maintaining high levels of quality.

Password Doorhangers & Prompts

Test Cases

General

• ensure that usernames and passwords are not being auto filled while using "Private Browsing"
  • ensure that the passwords are correctly being filled in when selecting a username that's in the password manager
• ensure if there's more than one saved password for a particular website, usernames & passwords are not auto filled
• ensure that selecting "Remember Password" correctly saves the username and password into the password manager
• ensure that you can use the same username multiple times on different websites without causing any collisions
  • Collision Checks (ensure you have several accounts with the same username but different passwords)
    • ensure that you can login into several accounts using the same username without any issues
    • ensure that changing/updating the password on one account won't affect the other accounts that are using the same username
    • ensure that removing one account won't affect the other accounts that are using the same username
    • ensure that changing the "username" field to a user that's already saved for that particular website changes the "Remember Password" button to "Update Password"
• When changing the password on a page that doesn't provide a username (just password fields), ensure that you get prompted with a list of usernames that are currently being saved for that website (see the Changing password when username missing image above)
  • Example: twitters change password page doesn't provide a username field that the password manager can use. If you have multiple users saved on twitter, you should get prompted with a list of those users and choose which one you would like to apply the new password to
  • ensure that the password for the user that was selected is correctly saved in the password manager
  • ensure that selecting "Cancel" doesn't save the password
• ensure that the username field under the password doorhanger is editable
• ensure that blank usernames are treated like regular usernames and can be saved into the password manager
  • Quick note: This will most likely change down the road and make it impossible to save blank usernames. There's some known issues relating to blank usernames. (Example: changing the blank username to a valid username)
• ensure that the animation is smooth without any noticeable jank or other UI issues while dismissing the doorhanger
• ensure that fresh installs have an additional window underneath the doorhanger indicating that Passwords can be synced
  • ensure selecting "Learn More" loads https://www.mozilla.org/en-US/firefox/sync/
  • ensure that the message only appears 5 times before being automatically dismissed
  • ensure pressing "x" dismisses the message and never re-appears again

Dismissing the password doorhanger

• dismissing the doorhanger using "Not Now"
  • shouldn't save the current username/password
  • doesn't place the website on the exceptions list
  • should still display the "key" icon beside the URL
  • should still allow users to save the password using the "key" icon beside the URL after being logged in

• dismissing the doorhanger using "X"
  • shouldn't save the current username/password
  • doesn't place the website on the exceptions list
  • should still display the "key" icon beside the URL
  • should still allow users to save the password using the "key" icon beside the URL after being logged in

• dismissing the doorhanger by clicking anywhere on the website
  • shouldn't save the current username/password
  • doesn't place the website on the exceptions list
  • should still display the "key" icon beside the URL
  • should still allow users to save the password using the "key" icon beside the URL after being logged in

• dismissing the doorhanger using "Never Remember Password for This Site"
  • shouldn't save the current username/password
  • should place the website under the exceptions list and never ask the user to remember the password again
  • should remove the "key" icon beside the URL

Exceptions List under about:preferences#security

• ensure that selecting "Never Remember Password for This Site" correctly adds the site into the exception list
• ensure that sites that are being listed under the exception list are not prompting users to remember passwords when logging into sites
• ensure that selecting "Remove" correctly deletes the highlighted site from the exception list
• ensure that selecting "Remove All" correctly deletes all the entries under the exception list
• ensure that sites that are removed from the exception list prompt the user to save their passwords
• ensure when "Remember passwords for sites" is unselected, websites will not ask the user to save their passwords
• ensure when "Remember passwords for sites" is unselected, the "Exceptions..." button is grayed out and not clickable
• ensure selecting & unselecting "Remember passwords for sites" doesn't clear the previously created exception list
• ensure that selected entries are correctly being highlighted when going through the exception list
• ensure there's no spelling mistakes or other UI irregularities when clicking on "Exceptions..." button

Saved Passwords under about:preferences#security

• ensure that "Copy Username" is working when right clicking on a sites being listed
• ensure that "Copy Password" is working when right clicking on a sites being listed
• ensure if there's multiple websites selected, both "Copy Username" & "Copy Password" are grayed out and not selectable
• ensure that selecting "Remove" correctly deletes the highlighted site from the password manager
  • ensure that if there's multiple websites selected, clicking "Remove" will correctly remove them (CTRL + Click & SHIFT + Click)
• ensure that selecting "Remove All" correctly deletes all the passwords in the password manager
  • ensure that you're prompted with a confirmation warning before the passwords are removed
    • ensure selecting "No" on the confirmation warning will not remove all the passwords
    • ensure selecting "Yes" on the confirmation warning removes all the passwords in the password manager
• ensure that the "Remove" & "Remove All" button are grayed out when there's no more passwords being listed
• ensure that sites that have been removed from the password manager don't auto fill in the passwords anymore
• ensure that "Show Passwords" correctly lists all the passwords that are being saved
  • ensure that you're prompted with a confirmation warning before the passwords are shown
    • ensure selecting "No" on the confirmation warning will not display the passwords
    • ensure selecting "Yes" on the confirmation warning will display the passwords
• ensure that the "Last Used" column is correctly being updated while logging into sites with the saved password
• ensure that the "Last Changed" column is correctly being updated when changing/updating the saved password
• ensure that "Search" is working correctly
  • search for a few terms and ensure the correct results are being displayed
• ensure that clicking on the yellow "?" correctly opens a new tab and points the user to the "Security and passwords settings" KB under about:preferences#security

Store Passwords/Password Manager under about:permissions

• ensure that "Store Passwords" appear as "Block" for sites that are listed under the exception list
• ensure that changing the "Store Passwords" to "Allow" removes the site from the exception list
• ensure that each website is listing the correct number of passwords being saved
• ensure that the "Manage Passwords..." button is available if a password has been saved into the manager
• ensure that selecting "Manage Passwords..." correctly lists the saved passwords for the current website
  • ensure that the correct website is being populated into the "Search" field when selecting "Manage Passwords..."
• ensure that removing entries using about:permissions also removes them from about:preferences#security

Community Engagement

One and Done

One and Done Here gives users a wide variety of ways to contribute to Mozilla. The following is a list of tasks related to the password manager that the community can get started with:

• https://oneanddone.mozilla.org/en-US/tasks/117/

QA Contact Information

If you have any questions or issues relating to the Password Manager, you can contact me via the following methods:

Internet Relay Chat (IRC): [Quickest Response]

• Nick: kjozwiak
• Channels: #qa #passwords
• IRC Setup: https://wiki.mozilla.org/IRC

Email: [Slowest Response]

• kjozwiak [at] mozilla.com
• kamiljoz [at] gmail.com