Pale Moon forum

The release notes for 28.6.0 have this paragraph:

Updated NSS to a custom version to have better encryption strength for master passwords.
IMPORTANT: To use this strong encryption and re-key the password database with it, change your master password (can be changed to the same one you already had if desired, but you have to go through the change password process). Depending on your computer and the number of stored passwords, this encryption update may take some time, so please be patient. Please be aware that once re-keyed, the password store will be locked to the new encryption and will no longer be accessible with the master password in older versions of Pale Moon.

So I backed up my profile, updated to 28.6.0, and changed my master password... How can I confirm that everything worked fine? From the way the release note was worded, I assumed that all passwords would be re-encrypted and then saved to logins.json in my profile directory, but this file remained completely unchanged. I was also surprised that the message "Master password successfully changed" popped up immediately after confirming the password change, i.e. there was no delay as suggested by the release notes. Maybe I'm just being paranoid, but I do want to be sure that everything worked fine.

Also, this may or may not be related, but I noticed that the browser will now freeze for a minute or so whenever I try to access the list of all saved passwords (Preferences > Security > Saved Passwords). This happens every time I re-open the list, and it also happens even if the master password has not been changed since the browser update. I'm not entirely sure if this issue is related, but it seems this behavior was introduced in 28.6.0.

Running PM 28.6.0 x64 on Manjaro Linux x64. Both the official tarball and the AUR palemoon-bin package exhibit the same behavior, and safe mode and even a new profile (with only the password-related files copied over to the new profile) do not make any difference either.

Toa-Nuva wrote: ↑

2019-07-02, 18:22

Also, this may or may not be related, but I noticed that the browser will now freeze for a minute or so whenever I try to access the list of all saved passwords (Preferences > Security > Saved Passwords). This happens every time I re-open the list, and it also happens even if the master password has not been changed since the browser update. I'm not entirely sure if this issue is related, but it seems this behavior was introduced in 28.6.0.

I'm having the same freeze-up problem when opening the list of saved passwords, for up to two minutes. Furthermore, once the list opens there are no entries displayed, although the login/password information is still stored in PM because the forms on the webpages are auto-filled.

I'm running PM 28.6.0 x64 on Windows 8 x64 with several extensions, the password related ones are Password Exporter 1.3.4 and Classic Password Editor 1.1.2. I've tested running in Safe-mode and disabling the extensions doesn't solve the freeze-up problem, but at least the password list gets populated. Pressing the "Show passwords" button causes another freeze-up. I've tried changing the master password, but it has no effect and there is no delay at all after inserting a new one.

Please see the general support thread about this. I'm working on figuring out an acceptable balanced value for this.