I somehow achieved a highly unsecure situation on one of my systems and can't even remediate it now.
Clean uninstal also seems useless for a portable application, isn't it?
- Had an old Firefox (presumably 4.x) running on a Win XP system.
- Unistalled it, but without deleting cache and presets.
- Had a Firefox Protable installation on a USB (at that time 5.x, now 6.x) and decided to simply copy it to my HDD in order to avoid re-installing all addons and so on
- Set the new portable FF to remember pw and also set a master password.
Even after a complete shutdown FF gets all data out of the password manager and logs into anything without prompting for the master password.
- Tried to erase all data of the password manager and do a clean setup, but without success. Everything I store in the pw manager is accessible.
Does that mean to me that if anyone gets his hands on my Firefox Portable installation and copies it onto another system (maybe with some specific registry keys from a previous installation???), under certain circumstances access to all my passwords stored in that installation is free???
It's the real FirefoxPortable.exe.
Today I "managed" to open the leak again.
Copied a portable installation with installed password manager to a different system
(with a prior regular Firefox 6.0.1 installation, which I had removed without deleting settings).
I don't know if this works with a copy to a clean system, too.
The copy uses user names and passwords out of the password manager without prompting for the master password.
For saving a new password it prompts for master password once, but afterwards these new passwords can also be used freely.
It seems not to be recommendable to use the password manager in the portable app, is it?