There has been a lot of talk about how more and more people are using their laptops on public wifi connections, and with the advent of the Firesheep plugin, there has been a number of scares around session hijacking, and unencrypted login details being sent through the ether.

As a result, I thought I would describe the steps I have taken in securing my Firefox instance on my laptop. These are :

  • Installing the HTTPS Everywhere plugin from the eff, which attempts to select https if available when accessing a site. I have tested it with Facebook, Google, Hotmail, LinkedIn and a few other sites
  • I have set my homepage to be encrypted.google.com
  • I have changed the search engine in top right hand of my Firefox instance to use the encrypted google service, by installing their plugin
  • I have set a master password on my Firefox keychain, which gives my stored passwords some level of protection
  • And I run Adblocking software, (with a custom Facebook Like Button blocking extension) as per an earlier blog post

Furthmore, I use Firefox as my main browser, I have chrome installed, but I hardly ever use it, and I have a locked down, stateless Safari instance which I wrote about earlier.

3 Comments

  1. Sanna

    I recommend using a tool such as 1Password for securing your authentication data. It also helps you to share your credentials between machines (via Dropbox).

    Firefox master password protection is secure only to “some level”, as you wrote. It does not survive a brute-force attack if your password database ever gets stolen.

    Reply

Leave a Comment

Your email address will not be published. Required fields are marked *