Any data you enter in the form of "tags" and "metadata" is collected by Password Tags and stored locally alongside the saved password data with which they are associated, in the file signons.sqlite in your profile. Beginning with version 2.1, Password Tags will, at your option, encrypt the metadata (but not the tags) using the same encryption Firefox and SeaMonkey use for encrypting your passwords.
For the sole purpose of maintaining proper associations with saved passwords, each metadata record also contains copies of the following from the associated saved password record:
- The randomly-generated globally-unique identifier ("GUID"). This has no meaning on its own and does not reveal anything about your usernames and passwords.
- The site identifiers, including the hostname of the web site or other service.
- The username, encoded with a "one-way hash function" that makes it difficult to determine the actual username from casual inspection. Note, however, that with access to the database, the username could be guessed and the guesses verified using the hash value, with a variable amount of effort depending on how much information an attacker has about you. This does not apply to the data as stored in Sync (see "What data is transmitted and how?" below), as that is additionally encrypted. Also, as of version 2.1, the hashes are "salted" (i.e. random data is added before hashing) to prevent knowledge of a username for one site from allowing an attacker to immediately determine that the same username is being used on other sites.
The passwords are not stored in any form in metadata records, nor is any other data collected.
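The effect of salting the username hash, as an added example that is not Password Tags' own code. It assumes SHA-256 as the hash function and a 16-byte salt stored in the same record as the hash; the page specifies neither, and the username and hostnames are constructed sample values.

```python
import hashlib
import hmac
import secrets

# Assumption: SHA-256 stands in for the add-on's unspecified hash function.
def unsalted_hash(username: str) -> str:
    return hashlib.sha256(username.encode("utf-8")).hexdigest()

def salted_record(username: str) -> dict:
    """Hash the username with a fresh random salt kept beside the hash (assumed layout)."""
    salt = secrets.token_bytes(16)
    digest = hashlib.sha256(salt + username.encode("utf-8")).hexdigest()
    return {"salt": salt.hex(), "hash": digest}

def guess_matches(record: dict, guess: str) -> bool:
    """Recompute the hash with the stored salt, as anyone holding the file could."""
    salt = bytes.fromhex(record["salt"])
    candidate = hashlib.sha256(salt + guess.encode("utf-8")).hexdigest()
    return hmac.compare_digest(candidate, record["hash"])

def linked_hosts(hash_by_host: dict) -> list:
    """Return groups of hostnames whose stored hash values are identical."""
    groups = {}
    for host, value in hash_by_host.items():
        groups.setdefault(value, []).append(host)
    return [sorted(hosts) for hosts in groups.values() if len(hosts) > 1]

# Constructed sample data: one username reused on two sites.
USERNAME = "alice@example.org"
HOSTS = ["https://mail.example", "https://shop.example"]

def demo() -> dict:
    unsalted = {h: unsalted_hash(USERNAME) for h in HOSTS}
    salted = {h: salted_record(USERNAME) for h in HOSTS}
    return {
        # Without salt, equal hashes reveal the same username on both sites.
        "unsalted_links": linked_hosts(unsalted),
        # With per-record salts, the hashes differ and no link is visible.
        "salted_links": linked_hosts({h: r["hash"] for h, r in salted.items()}),
        # A correct guess still verifies against each record individually.
        "guess_verified": all(guess_matches(r, USERNAME) for r in salted.values()),
        "wrong_guess": any(guess_matches(r, "bob@example.org") for r in salted.values()),
    }

if __name__ == "__main__":
    print(demo())
```

Salting removes the cross-site link but not per-record guess verification, so the database file still needs to be protected.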
The risk of your usernames being revealed depends largely on how you handle the database file (for instance, storing it online without additional encryption would present a high risk). And as always, the risk of your passwords being revealed depends on selection of good passwords; for instance, you should never choose passwords that can easily be guessed based on your other personal information.

What data is transmitted and how?
Password Tags does not transmit any data online without your express consent. Should you choose to give such consent, by checking the box labeled "Use Sync service to synchronize your metadata" in the add-on preferences/options, Password Tags in that profile will store online and keep up-to-date a copy of all of the data collected as described in the above section, for the sole purpose of synchronizing it between the Firefox or SeaMonkey profiles you connect to your Sync account. The data is stored by using the Sync service, which applies strong end-to-end encryption such that only those Firefox or SeaMonkey profiles connected to that Sync account can read the data.
Password Tags does not transmit any other data at any time, through any channel, or in any form. You may tell Password Tags in a given Firefox or SeaMonkey profile to stop sending your data at any time by unchecking the "Use Sync service to synchronize your metadata" checkbox, or by disconnecting that profile from your Sync account.