Forms in Firefox

Unless the option is unchecked, Firefox remembers the values entered in a web page form and attemps a matchewhen an empty form again appears.

This feature in later Mozilla was not fully automatic, and the user could fill in values for fields in a special screen. It was also possible (I think) to block the storage of certain values like credit card numbers.

What control have I in Firefox. I am nervous of my credit card details beeing buried in some file on my PC.

 

Labarum,

Your form fill data is stored in the formhistory.dat file located in the salted folder. If you open the file in Notepad, you can see that the data is encrypted. Short of clearing the file each time you use it, that's the only guarantee of total security.

There is an extension you can use for Firefox and Mozilla which uses the TripleDES password encryption:

http://autoform.mozdev.org/

Features

* Virtual users
* Configurable automatic form data loading and saving
* Reset/Delete forms
* Field context can be defined
* Show and edit stored values
* TripleDES password encryption (uses master password)
* Customizable look and feel
* English and german localisation
* Help file included
-----------------------------------

This is what I found on this type of encryption:

http://efgh.com/software/des.htm

The Data Encryption Standard (DES) has been a standard encryption method in the United States for a number of years. It is moderately secure. No easy ways have been found to crack it, although a brute-force approach, using expensive special-purpose equipment, is probably feasible.

The DES encryption and decryption package resides in the file DES.CPP, which must be compiled and linked into an application that uses it. Any module that calls on the package must include the header file DES.H. These files are available in text format:
-------------------------------------

I hope this helps, although I simply can't give you a pat answer, other than to say that because Firefox does not use ActiveX, or VBS, then you're certainly safer than with IE.

Ramona

 

Thanks Ramona. Autofill, not Autoform was more what I had in mind.

I have installed that extension, and I have a nice pencil icon I can click to fill in a form with name and address etc.

But I am confused. Autofill allows me to pre-specify field that may be filled in on any web page. Autoform and the Firefox formfill routine remembers the values for a particular page and fills them in automatically whenever I return.

Have I got that right?

So if I want to make sure my Credit card numbers are not remembered in plain text I have to disable the Firefox Formfiller. Is that corrrect, or does Firefox encript form values as it encripts passwords?

 

Labarum,

I reached out to the Firefox guru's and received this answer:

Ramona