User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:11.0a1) Gecko/20111115 Firefox/11.0a1 Build ID: 20111115030957 Steps to reproduce: Firefox stores passwords in an easily accessible form. Passwords should be stored securely. On the Mac, the Keychain should be used. Chrome stores its passwords in the Keychain without any problems. Note that it is quite common for many users to use the same password on multiple sites, including on sites and services accessed outside of Firefox. An attacker who can access a user's Firefox profile can get a list of these passwords in the clear, resulting in a compromise not only of user websites, but potentially of other things as well. Expected results: Passwords should never be stored in the clear.