I created an item with Firefox on Mac (I use a master password). I manually pushed the synch button to make sure it’s synched.
I do not see anything in the iOS App?
Any ideas?
I created an item with Firefox on Mac (I use a master password). I manually pushed the synch button to make sure it’s synched.
I do not see anything in the iOS App?
Any ideas?
Pull to refresh should help.
In the iOS app: start from your full list of items. Then tap anywhere in the list, hold and pull down.
(not my gif)
Then the app should refresh and sync all your items. The new item should appear immediately. I hope that helps!
I don’t get this far…
And I was also never asked for the master password? I have already removed and re-added the account several times.
Ok having this checked, helps
Any idea why it works on the mobile without having to provide the master password? This feels a bit inconsistent?
The Master Password in Firefox is only used to protect data stored locally, and not the data stored remotely. In fact, it is possible to have different Master Passwords set for each of your Firefox profiles and apps – even on the same machine.
Instead, the remote sync data is encrypted using a key derived from your Firefox Accounts username and password (we’ll call this your “sync key”). Firefox decrypts the locally stored data and re-encrypts it using this sync key before sending it to Firefox’s Sync servers. Firefox Lockbox likewise uses this sync key to decrypt the data it gets from the Firefox Sync servers and re-encrypts with a randomly-generated key before storing it on your iPhone (and uses your iPhone’s secure storage to hold onto those keys).
Please note that Firefox servers never know your Firefox Accounts password; we use and compare hashes created on your device to log you in, and different hashes to get your sync key. If you’re interested in all of the technical details, you can read about our “onepw” protocol here: https://github.com/mozilla/fxa-auth-server/wiki/onepw-protocol
Thank you for the explanation @m_and_m - I figured it was only locally enforced after it worked without providing it.
I was maybe confused because for chrome, similarly you can define an additional password but this is then required on any client for decryption of the data.