![]() ![]() I have found similar behaviour on Windows using different tools. These are the steps I used on a Linux system. This does not seem to be the case for the standalone application, nor for Chrome or Edge browser extensions. However, in my testing, I have found that once you unlock your vault with the master password in the Firefox extension, and then lock it again, the master password is still recoverable from the memory of the running Firefox browser. ![]() We consider the application to be completely safe while in a locked state. We do our best to ensure that any data that may be in memory for the application to function is only held in memory for as long as you need it and that memory is cleaned up whenever the application is locked. We also reload the application’s renderer process after 10 seconds of inactivity on the lock screen to make sure any managed memory addresses which have not yet been garbage collected are also purged. ![]() When the vault is locked, this data is purged from memory. This is needed to decrypt data in your vault. Your encryption key (which is derived from the master password) is kept in memory while the app is unlocked. We do not keep the master password stored locally or in memory. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |