by haasted 1274 days ago
It generates the same password when on the same domain. There's probably a usability explanation for this behaviour, rather than lack of entropy.

Wish the responder would have spent some time elaborating on "why" rather than just stating that it's "by design".

3 comments

Seems they saw the submission and edited their response, appending the following:

    EDIT 2022-12-20: There are at least 3 cases where this is desirable within a short period of time:
    1. Filling password confirmation fields on the same page if we were not able to automatically do so.
    2. Filling the same password on the next page
    3. The password didn’t save on the change form so you need to fill it on the log in page.
       Bug 1551723 will give the user the option to choose a new password.
#1551723 tracked @ https://bugzilla.mozilla.org/show_bug.cgi?id=1551723
It only generates the same password if the browser session is also the same, i.e. it generates a different password for the same domain if the browser was closed in the meantime.
Lack of entropy when generating keys and passwords leads to things like the infamous Debian weak SSH keys vulnerability from 2008: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0166

So I'd prefer secure passwords instead of convenient passwords...
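
The behaviour discussed in this thread, as an added sketch that is not part of any comment and is not Firefox's code: a password drawn from a CSPRNG and then cached per origin for the lifetime of one session repeats on the same site without any loss of entropy. The class and function names, the alphabet, the length, and keying the cache by URL origin are all assumptions made for illustration.

```javascript
// Added illustration, not Firefox source. All names below are hypothetical.
const { randomInt } = require('node:crypto');

// Constructed alphabet (look-alike characters left out) and constructed length.
const ALPHABET = 'ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnpqrstuvwxyz23456789';
const LENGTH = 15;

// Every character comes from the OS CSPRNG; randomInt avoids modulo bias.
function generatePassword(length = LENGTH) {
  let out = '';
  for (let i = 0; i < length; i++) {
    out += ALPHABET[randomInt(ALPHABET.length)];
  }
  return out;
}

// One instance models one browser session: the cache exists only in memory,
// so closing the browser (dropping the instance) discards every entry.
class SessionPasswordCache {
  constructor() {
    this.byOrigin = new Map();
  }

  // Same origin within the session returns the cached value, which covers the
  // confirmation field, the next page, and a retry on the login page.
  getOrCreate(url) {
    const origin = new URL(url).origin;
    if (!this.byOrigin.has(origin)) {
      this.byOrigin.set(origin, generatePassword());
    }
    return this.byOrigin.get(origin);
  }

  // Hypothetical "choose a new password" action: overwrite the cached entry.
  regenerate(url) {
    const fresh = generatePassword();
    this.byOrigin.set(new URL(url).origin, fresh);
    return fresh;
  }
}
```

Seeing the same value twice on one site is therefore evidence of the cache, not of a weak generator; the checks that distinguish the two are a different origin, a new session, or an explicit regenerate.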