Using Firefox’s password saving functionality is a frustrating experience for me, and I suspect it’s frustrating for other users too. It has several problems:
Problem #1: when Firefox remembers more than one password (or, more accurately, both a password and a username) for a given site, it doesn’t autofill the login form or give me any clue what the usernames/passwords are until I correctly guess the first letter of one of the usernames.
Although I only have multiple accounts at a couple sites (principally those of two utility companies which made me create new accounts when I moved), I regularly enter my login info incorrectly and then mistakenly tell Firefox to remember it, so I now have invalid remembered passwords at a number of sites, and Firefox no longer autofills their login forms.
Problem #2: Firefox asks me whether it should remember usernames/passwords the moment I submit a login form, and it does so via a modal dialog, so I can’t wait to see if my login attempt succeeded before deciding to save the info.
Problem #3: Deleting passwords is hard. It’s only possible via the password manager, and every time I open the manager I have to rediscover how its list is sorted. Unfortunately the list turns out to be sorted by raw URL, so http://example.com/, http://www.example.com/, and https://www.example.com/ are all in different places on the list, and I have to hunt them all down to find the one(s) I’m looking for.
Fortunately, fixing these problems seems relatively straightforward.
First, when a user loads a login page for which Firefox remembers multiple username/password combos, the browser should display a non-modal status bar (similar to the popup blocker status bar) which lists the usernames and prompts the user to select one. When the user does so, Firefox should fill in the form and perhaps also automatically submit it. Here’s a mockup of how it might look:
Second, when a user submits a login form with an unfamiliar username, Firefox should ask if the user wants to remember the info via another non-modal status bar, something like this:
Third, the password manager should support filtering, just as the cookie manager does, via a “Search” field that restricts the list to matching entries.
With these changes:
- users will be able to see and pick between multiple remembered username/password combos for a given site;
- users won’t have to decide in advance whether to save that info; they’ll be able to do so after seeing if their login attempts have succeeded;
- users deleting passwords using the password manager will be able to filter the list to find just the passwords they want to delete.
As a beneficial side-effect, users will be able to ignore the “save this password?” question instead of being forced to answer it every time. And to make deleting passwords even easier, we might include UI for doing so right from the “pick an account ” bar (f.e. a context menu item).