
I installed it and will compare it to Lastpass (which is pretty good IMO). HOWEVER, it saddens me to read on the front page: "using 256-bit encryption". I'd really expect the competent people at Mozilla to know that this statement means next to nothing. At the very minimum I want to know:

1) HOW is the key derived (say, "derived using PBKDF2 on the Firefox username + password")

2) WHERE is it encrypted (I assume "encrypted on the device/end-to-end/zero-knowledge"). It needs to be clear what the attack vectors are.

3) HOW is the secret managed (say, "Secret is wiped on all application switches")

and probably more that I forgot.

Using the app, the first thing I noticed is that I have a LOT of duplicate entries but no obvious way to clean that up.

EDIT: I see most of these details are on https://blog.mozilla.org/services/2014/04/30/firefox-syncs-n... but it doesn't change my disappointment in the totally useless "256-bit encryption" statement. Just say "strong encryption practices" and provide a link to the details. 8,192 bit encryption doesn't help you if you don't manage the key well.



Firefox Lockbox architect here. Thank you for the feedback. Your comment is fair; we can, and will, do better on the details. The language we have today is the balance marketing, security reviewers, and engineering could reach for the masses to feel informed without being overwhelmed and confused.

As you found, Firefox Accounts derives the encryption key from your username and password on the client-side; the server is never aware of your password. That encryption key protects your data on your device using AES-256-GCM, and is stored in its security enclave behind Touch ID or Face ID wherever possible.


>The language we have today is the balance marketing, security reviewers, and engineering could reach for the masses to feel informed without being overwhelmed and confused.

It would be fantastic to have a 'more details' page, where the nitty-gritty is detailed for those who care.


Thanks for this, and wanting to know more! We're working on expanding our docs to add this.


Maybe also compare this service with other cloud password managers. It's not easy to understand the pros and cons of each of them. Is this a better service than existing managers and if so, in what way?


I, too, want to know the implementation details. That said I’ve watched hundreds of eyes gloss over as I emphatically implored lay-persons about password policies and tools like password managers, and frankly their definition of ‘secure’ can be encapsulated in ‘256-bit encryption’.

An oversight on Mozilla’s part for security-types and engineers, but maybe they have the masses in mind with this tool & its marketing site.


Maybe the ship has sailed, but I would prefer laypersons not associate the phrase "256-bit encryption" with anything, and would much rather one like "strong encryption practices" if it's a link to the technical specifications. They have no basis on which to evaluate what 256 bits of anything actually means, so using it as a technical term to throw at their face intending for them to latch onto it as a valuable metric is actively harmful. What if it said "Strong 256-bit RSA encryption"? To you and me that phrase should set off alarm bells, but a layperson might actually rank that as more secure because of the added technical jargon. You've just taught them to trust random technical-sounding security jargon, so adding more jargon makes it sound more better.

It's probably way too late to make any difference here, but I still wish Mozilla could push the boundaries here.


On the other side, is it fair to say 8-bit encryption is NOT secure?


yeah, but if I'm rotating a 256-bit key using XOR, is that really secure? It's 256-bit encryption, but about the weakest thing I could possibly do short of plain text.


Do the masses have any idea of what "256-bit encryption" would mean anyway?


Not at all! But that’s what all the other security whitewash on financial and ecommerce sites say, so to most folks it, like, totally means it’s really really secure— pinky swear!


I'd guess for that page the technical details get fed to marketing who boil it down to whatever they think will impress people with limited (if any) technical knowledge.


Exactly that, but shouldn't we expect better from Mozilla?


For Mozilla to be successful they have to appeal to the largest demographic possible. I'd only ask that Mozilla make additional technical information easy to find and well laid out.

This is LastPass's page:

https://lastpass.com/support.php?cmd=showfaq&id=1096

But that too you won't find when you use the app/extension normally.


Mozilla can do a lot of things that harm users or the general public but increase its success. Mozilla shouldn't do these things.


This neither harms users nor the general public, so I don't see relevance.


If by PBKDF2 you mean PBKDF2-HMAC-SHA256, it should die as it's so much less secure than using Argon2 as a password hash function.



