Details
Firefox allows credentials to be stored for certain websites.
Stored credentials may be harvested by an adversary that gains local privileges equal to or greater than the principal running Firefox, which may increase the scope and impact of a breach. However, preventing Firefox from storing credentials will not prevent such an adversary from harvesting credentials used while compromised.
Solution
Perform the following procedure:
* Open the mozilla.cfg file in the installation directory with a text editor
* Add the following lines to mozilla.cfg:
lockPref(“signon.rememberSignons”, false);
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Unix.