#pass #passwordstore #mozilla #password-manager

app pass-fxa

Upload a password-store to Firefox Accounts

6 releases (3 breaking)

0.4.1 Feb 14, 2023
0.4.0 Nov 8, 2022
0.3.0 Aug 6, 2021
0.2.1 Aug 6, 2021
0.1.0 Aug 5, 2021

#546 in Command line utilities

50 downloads per month




Crates.io Crates.io

A program that uses Firefox's builtin password manager with zx2c4's pass.

It is meant to be used instead of other traditional browser extensions such as passff and Browserpass with the following benefits:

  • More portable: there is no need to install native messaging host
  • Potentially more secure by reducing some of the attack surface:
  • The native browser UI is better (anecdotal evidence)


Using pre-built binaries from the CI

Linux, macOS and Windows binaries are available on the release page. These binaries are built by GitHub Actions CI.

Using cargo install

From crates.io

cargo install pass-fxa

From git

cargo install --git https://github.com/NilsIrl/pass-fxa.git


Just run pass-fxa. That's it!

pass-fxa will attempt to find your firefox credentials by looking for a password for which the URL is firefox.com. It will use these credentials to then upload your passwords to your Firefox Account (passwords are E2E encrypted).

If multiple records are available, it is possible to specify which to use:

pass-fxa --pass-name firefox.com/example@riseup.net

It is also possible to remove passwords from FxA if they are in your password store, effectively reverting the uploading operation:

pass-fxa [--pass-name <pass-name>] delete

Store format

The URL & username can be obtained in 2 different ways:

  1. As fields in each file login, username, user for the username and url, uri, website, site, link and launch for the URL.
  2. From the filepath, with the containing folder being the domain and the filename the username

For example the following store define logins with username:

  • example@riseup.net for github.com
  • example for riseup.net
  • robert for yahoo.com

Records can be explicitly excluded from being uploaded by adding the line fxa: exclude to a password file. It is also possible to only upload some passwords by adding the line fxa: include. Passwords that have as host firefox.com are excluded by default.

pass-fxa is licensed under the GNU GENERAL PUBLIC LICENSE Version 3 and the underlying library for communication with FxA, pass-fxa-lib, is licensed under the GNU LESSER GENERAL PUBLIC LICENSE Version 3.

Copyright © 2021-2023 Nils André-Chang


~429K SLoC