Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Resources
Documents
Publishers
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Mozilla Firefox Security Technical Implementation Guide
SRG-APP-000141
Firefox must be configured to not use a password store with or without a master password.
Firefox must be configured to not use a password store with or without a master password.
An XCCDF Rule
Details
Profiles
Prose
Firefox must be configured to not use a password store with or without a master password.
Medium Severity
Firefox can be set to store passwords for sites visited by the user. These individual passwords are stored in a file and can be protected by a master password. Autofill of the password can then be enabled when the site is visited. This feature could also be used to autofill the certificate PIN, which could lead to compromise of DoD information.