Oh noes. My antivirus has eaten my auto-saved passwords

AVG glitch creates hassle for Firefox users

UPDATED Firefox users are complaining that their auto-saved passwords can no longer be accessed as normal when they boot up the open source web browser.

Technology built into Firefox allows users to save their login credentials to remove the hassle that would otherwise result from having to signing into websites.

The username and password details are contained in a JSON file located within the Firefox profile folder.

Reports suggest that widely used Windows anti-malware apps from Avast and AVG are corrupting the logins.json file, rendering it unusable.

The issue arose when users updated from Firefox 67.0.1 to Firefox 67.0.2 but stems from a glitch with particular third-party security software packages rather than anything to do with the browser itself.

The snafu was picked up by Techdows and technology blogger Martin Brinkmann, who goes on to suggest a number of potential workarounds.

“One option to fix the issue on the user’s end would be to exclude Firefox or the file from scans,” Brinkmann writes.

“Other than that, you either have to wait for AVG/Avast to issue a patch that addresses the problem or remove the software from the system.”

“Some Firefox users fixed the issue by rolling back to Firefox 67.0.1; AVG/Avast software appears to play fine with that version of the browser,” he added.

In response to a request for comment from The Daily Swig, Avast (which owns both the Avast and AVG brands) acknowledge the problem but said it was limited to users of the AVG Password Protection feature. The problem has since been resolved.

“It appears that some AVG users may have been unable to access their browser passwords when using Firefox. This only applied to those who purchased the AVG Password Protection feature and the issue was fixed today [Friday] at 12:20pm. Avast users were not affected. This happened because Firefox updated its certificates for sign in to the new version of the browser and AVG did not have this new certificate marked in its database as trusted.”

“The problem was fixed today for AVG users at 12:20 CET and an update was distributed immediately to our user base. AVG checks for updates every four hours, and users can also manually update their software under their AVG settings -> Update. Users with product version VPS 190614-02 and newer will not experience any issues,” it added.

A trouble ticket for the password problem – entitled ‘Saved logins and passwords missing after update to 67.0.2 - Problem in AVG’ – has been raised on Bugzilla, Mozilla’s bug tracker.

Peter Dolanjski, product lead for Firefox, commented: “Recently, we became aware of a potential issue for Firefox users who use AVG anti-virus software related to saved passwords in Firefox no longer being accessible.”

“We have been in contact with AVG to help resolve this issue. They have updated their software which should prevent the issue from happening going forward. However, we are working on specific steps to address the issue for users who are currently affected.”

Mozilla published a support article on the issue with more information late on Friday.

This article was updated on June 17 to add comment and advice from both Avast and Mozilla.