aboutsummaryrefslogtreecommitdiff
path: root/profiles
diff options
context:
space:
mode:
authortilpner2020-04-05 21:36:04 +0200
committertilpner2020-04-05 21:36:04 +0200
commit3be07423a3854cc993dc2a5fd76df375ab319a45 (patch)
tree7199e07d683a76c9b1dc3029c0edad2f624d0871 /profiles
parentc9d58b344866b75702ff395f45c278a24662077a (diff)
downloadfirefox-profiles-3be07423a3854cc993dc2a5fd76df375ab319a45.tar.gz
firefox-profiles-3be07423a3854cc993dc2a5fd76df375ab319a45.tar.xz
firefox-profiles-3be07423a3854cc993dc2a5fd76df375ab319a45.zip
noPasswords: init
Diffstat (limited to 'profiles')
-rw-r--r--profiles/noPasswords.nix27
1 files changed, 27 insertions, 0 deletions
diff --git a/profiles/noPasswords.nix b/profiles/noPasswords.nix
new file mode 100644
index 0000000..9adceb7
--- /dev/null
+++ b/profiles/noPasswords.nix
@@ -0,0 +1,27 @@
+{ }: {
+ meta.description = ''
+ Prevent the user from storing any passwords in the browser.
+ This can be justified if the physical security of the device is uncertain, or
+ if the provider wants to avoid the responsiblity of storing such sensitive data.
+
+ However, the users alternatives must be considered: what will a user do without the
+ password manager?
+
+ Possible "alternatives" (from user perspective) include:
+ - Choose much weaker passwords
+ - Store the passwords in an unencrypted form (e.g. on the desktop)
+ '';
+
+ policies = {
+ # TODO: how exactly are passwords stored?
+ OfferToSaveLogins = false;
+ PasswordManagerEnabled = false;
+ };
+
+ preferences = {
+ # Ask for password every 15 minutes
+ security.ask_for_password = 2;
+ security.password_lifetime = 15; # minutes
+ signon.masterPasswordReprompt.timeout_ms = 15 * 60 * 1000;
+ };
+}