by wtbob 3503 days ago
> As on the desktop, I'm using Firefox on the phone mostly for the syncing capability

Be aware that if your Mozilla account password is not a fully-secure, unmemorable, random string then it is possible to break into Sync: unlike previously, the only thing securing your Sync data is your password.

Also be aware that at any time Mozilla can push a piece of targeted JavaScript to you alone, which would reveal your password to them.

The first issue is solvable by using an appropriately-secure password, e.g. apQzICxawJKkU0t7SNqnPd; the second issue is unsolvable unless you fully trust Mozilla the organisation, all its employees and every government which is able to compel its actions.

1 comment

Good to know, thanks. I do use a fairly secure password scheme; basically I memorize several smaller passwords made of random letters, numbers, and symbols, and I concatenate them in ways that make sense to me but (hopefully) are gibberish to anyone else. I try to use the maximum allowable string for each service, or as close as I can get with my system.
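
Added example, not part of the original thread: a Python sketch of generating a password of the same form as the 22-character letters-and-digits string quoted in the first post, and of sizing it by entropy. The 128-bit target and all function names are assumptions of this example.

```python
import math
import secrets
import string

# 62 symbols: the same character classes as the example string in the post.
ALPHABET = string.ascii_letters + string.digits


def entropy_bits(length, alphabet_size=len(ALPHABET)):
    """Entropy of a string whose characters are drawn uniformly and independently."""
    return length * math.log2(alphabet_size)


def min_length(target_bits, alphabet_size=len(ALPHABET)):
    """Shortest length that reaches at least target_bits of entropy."""
    if alphabet_size < 2:
        raise ValueError("alphabet needs at least two symbols")
    return math.ceil(target_bits / math.log2(alphabet_size))


def generate(target_bits=128, alphabet=ALPHABET):
    """Random password from the OS CSPRNG (secrets), never random.choice()."""
    if len(set(alphabet)) != len(alphabet):
        # Repeated symbols skew the distribution and lower the real entropy.
        raise ValueError("alphabet contains duplicate symbols")
    length = min_length(target_bits, len(alphabet))
    return "".join(secrets.choice(alphabet) for _ in range(length))


if __name__ == "__main__":
    n = min_length(128)
    print(f"{n} characters give {entropy_bits(n):.1f} bits")
    print(f"{n - 1} characters give only {entropy_bits(n - 1):.1f} bits")
    print("sample:", generate())
```

With 62 symbols, 22 characters is the shortest length that clears 128 bits, which matches the length of the string in the post. The arithmetic holds only for machine-generated strings; it says nothing about passwords assembled from memorized pieces.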