While this might be handy when visiting your favorite paid porn site, isn't this counter-intuitive? When I am in private mode, I expect nothing to be saved.
In both private and not-private windows, the browser asks the user whether to save each password. Nothing is saved unless you explicitly click the Save button.
Ok, but I think the parent is wondering in what situation you'd want to store in the browser details of a site you'd visited, but still use private mode to "hide" that you'd visited?
What data does the password use retain? IIRC password store retains the "time first used, time last used" and displays that visibly.
In short what's the use-case or user story that fits this feature?
If your girlfriend is replicating your harddrive to determine what ring you're buying, maybe it's better if she finds out and you call off the wedding instead of going through with it.
> What data does the password use retain? IIRC password store retains the "time first used, time last used" and displays that visibly.
Lets compare it to downloads. That's another feature that leaves quite a bit of "compromising" info but users might still want to use it. I am thankful that Firefox does still allow downloads in private mode and did not just disable it. Sure, I could copy all the links into a non private session, but that would be annoying.
Similarly, imagining a situation were saving passwords from private windows might come in handy doesn't seem like a hard stretch to me. It also pretty obviously leaves a trace, just like a download, and thus shouldn't create much user confusion.
Some browse in private mode all the time and many times I have wished it asked me to save passwords so I don't have to type them repeatedly. Bookmarks work in private mode, why not passwords?
Not adding every damned site to my hstory is actually a feature.
Chrome's session and tab management on both desktop and mobile are abysmal. Whilst I've nuked it from desktop, I cannot remove it from Android. And, sadly, Firefox performance there still lags badly.
I browse almost exclusively in incognity on Chrome/Android.
I'm assuming the threat is considered to be someone with local physical access to one's computer. Once you've entered your master password then an "attacker" only has to click the burger menu, then "logins" then they can enter a string from a website login URL, maybe "porn" and it would show the website's full domain, the username used, when the site was first and most-recently visited, and how many visits were made over time -- if it keeps bookmarks with all the info -- if you were using privacy mode to hide your tracks then it's not working there.
If you use Private Mode all the time then can't you just set the browser to act as if it were in private mode but with more fine-settings choice, that way you could have had password saving all along.
So, I'm still not really seeing the benefit.
That said, presumably the password db could have salted-hashes in in-place of domains/URLs for "privacy mode passwords" and then they'd be very hard to casually discover; that might be closer to user expectations.
In addition to using private mode for visiting sites that I don't want saved in my history, I also use it as a poor mans sandbox for visiting sensitive sites (like my bank), to avoid potential cross-site-scripting attacks while visiting those sites. For this use-case, saving passwords is very useful. In fact, my biggest complaint with private mode in Firefox is that my preferred password manager plugin (bitwarden) doesn't work in private mode.
Why not use Firefox multi account containers[1] for this use case?
Having one banking container or even one per bank would have the same effect, without the annoyances of private mode?
I tried it out, but it was much more structured than I'd like. I don't really want to have pre-defined a bunch of containers for each site that I want compartmentalized. I really like the ephemeral nature of private browsing where a single click gives me a fresh new container that I can use for whatever I want. Plus, when giving recommendations to family members, private browsing is more user-facing feature, and easier for them to use.
Sounds like we need a guest mode where nothing saves but add-ons work and a privacy mode where things are privacy driven and only certain add-ons work.
Yeah - I still think it's crazy that when using (mobile) Chrome, if you poke around in bookmarks, it will remember what folder you were in. So there's some hint of where you've been if someone else would then go to use Chrome bookmarks.
You might argue that if you really want private browsing, don't use bookmarks, but I feel that's a weak argument.