Mobile/Projects/Password handling improvements: Difference between revisions

Tracking

• Meta-bug to be filed

Goals

Improve overall password UX and handling (including Master Password) to go along with the form auto-fill improvements project. If users are going to store auto-fill data in their browsers, we want it to be significantly easier and more seamless to use a master password to protect that data.

This is not necessarily a full overhaul of the Fennec password system, just an initial "cupcake" level of improvement.

Use cases & user stories

• TBD

UX design

• UX exploration & investigation is needed.

Justification

Why are we doing this?

• User value - our current password handling is sub-par on mobile devices, and we need to do better. Having a truly effective and innovative way to make passwords suck less would be an incredibly attractive user benefit potentially leading to marketshare increases and pre-install deals.
• User protection - improving how we handle passwords will (ideally) make using properly-secure passwords less arduous for users, increasing their overall security and privacy. This will potentially lead to increased marketshare, visibility, and pre-install deals.
• Supports other features, such as improving our auto-fill capabilities and mobile shopping optimizations, possibly (eventually?) Firefox Account integration and support.

Research and references

• https://lastpass.com/
  • Supports Chrome, Firefox, IE, Safari, Opera [Supports Linux, Windows, Mac]
  • Uses a user-generated master password then auto-generates website passwords
  • Local encryption
  • Add-ons plug into the browser
• https://agilebits.com/onepassword
  • Supports Mac, Windows, iOS, Android

Quality criteria

• No user-perceptible performance degradation
• All user stories are met
• All goals are met