UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Firefox is configured to autofill passwords.


Overview

Finding ID Version Rule ID IA Controls Severity
V-15775 DTBF150 SV-16714r2_rule Medium
Description
While on the internet, it may be possible for an attacker to view the saved password files and gain access to the user's accounts on various hosts.
STIG Date
Mozilla FireFox Security Technical Implementation Guide 2019-01-02

Details

Check Text ( C-16620r2_chk )
In About:Config, verify that the preference name “signon.autofillForms“ is set to “false” and locked.
Criteria: If the parameter is set incorrectly, this is a finding.
If the setting is not locked, this is a finding.
Fix Text (F-15992r2_fix)
Ensure the preference "signon.autofillForms" is set and locked to the value of “False”.