Firefox

I recommend a password manager like Bitwarden, it has a great Firefox extension and it's very secure.

I trust it enough to use the feature, but I've got separate cards for online and in-person purchases. The online card is temporarily disabled in my bank app, and I only unblock it when I intend to use it. Takes like 30 seconds extra.

The in-person card is permanently unlocked for NFC and regular store transactions, but region locked to the country where I'm currently at, and transactions over $30 require the PIN.

Please don't save stuff in your browser. It's very easy to rip those passwords and logins. If you must, keep it in a proper password manager like bitwarden or keepass.

reversible encryption

All encryption is reversible, otherwise it wouldn't be encryption, it would be a hash. If you don't use a password, it's easy to reverse the encryption. If you do use a password, the maximum security with a brute force attack is 112 bits, which is pretty weak.

I recommend using a different password management service (which also handles credit card info), any password manager will be fine. I personally use Bitwarden, which uses 256 bits of encryption. That's pretty standard across password managers, so you're better of focusing on making a secure password.

That said, if you're only worried about credit card info and not storing passwords in Firefox, you're probably fine. Credit cards have a ton of protection, so if someone steals your card info, call your bank to dispute the fraudulent transactions and get a new card, it doesn't cost anything and has little hassle. Debit cards are another story, so I recommend just not using debit cards at all online.

If it's a credit card then you should have pretty decent protection against fraud from the credit card company. I've had my card details stolen a few times (though never directly from my browser) and each time the credit card company has identified the fraud and reached out to me within minutes.

Now if it's a debit card, you should NEVER put those numbers into a computer. I only ever use my debit card to access the ATM, and even that is rare.

More likely to be stolen in person at your local coffee shop

I don't even trust Steam, let alone Mozilla. I don't think I've ever had any credit card auto-fill on any browser I've ever had

With credit cards any fraud is the responsibility of the credit card processor not the individual. So the risk isn't on your side.

I simply use my credit card number for my password on every site. it makes it so much easier to remember both. back in the day i would use my social security number. thanks to that simple trick, i never get robocalls or spam and i've been removed from most mailing lists because no one will ever issue credit or do business of any kind with me. a hacker stole my identity once and my credit score quadrupled. he even gave my identity back a week later!

No, i use keepass and coppy/paste like the other commenter

The number being somewhere on your computer isn't something I'd worry about. The real risk is from a liberal autocomplete that might throw it into website forms where you don't want it to be, including hidden ones. Maybe there are protections in place since I last let Firefox save anything like this, but it used to try pasting address and CC info whenever it could.

Fuck no.

I do trust it well enough, but I don't use it.

For starters, I don't want it to be too easy to spend money. If I want something, I should want it enough to pull my card out and type the number again.

Second, the auto-fill often doesn't work perfectly, so you need the card anyway.

Third, there's the slim chance it could be hacked. So why even take that chance when the only benefit is convenience

I don't trust saving my CC numbers anywhere. And considering how many times retailers have been hacked and had that kind of information stolen I wish it were law that no one could save them.

If Firefox can read it from disk without a password, any other program running as your user can read it from disk without a password. But to prevent this you can encrypt your Firefox profile with a password.

I put it into my password manager. (KeePassXC with Syncthing to share the database)

I don't save them in Firefox, not because I don't trust Firefox, just because keeping them in a password manager is more convenient. I don't think there's a reason not to trust Firefox.

Absolutely not.

No. I don't save cc's on any browser.

I leave a number wrong. The security code, date, whatever. I can remember one number and correct the autofill while making an attempt to keep things a little more secure and still convenient.

I keep those kind of numbers in Keepassxc and cut and paste them when I need them. It's not that I don't trust FF I just think having one storage place is better than having two and it's just not necessary for FF to have them. A few extra seconds of copy pasting inconvenience is a price I'm happy to pay. For extra security I never cut and paste the CVC, that's always manual entry from memory.

No. If I want my CC number I just…..look at my CC

I would totally trust it, but on a cyber security stand point I don't trust anything with my credit card. The only place where the numbers are stored are on the physical card itself

I'm also kinda wary of saving cards in the browser. So I created a virtual card with a spending limit for that purpose.

Although there's more to fear from malware stealing saved passwords. Fraudulent transactions can be reversed, identity theft will do a lot more damage.

No... not leaving cc on any browser... I use KeepassXC and setup to clear anything in the clipboard within 10 seconds

Your saved passwords are reversible too, just don't do it. If you really want to, put a password on it, but then why would you even save it at all? The convenience is lost at that point. And if you save it without a password, to decrypt the cc a decryption key has to be saved somewhere, and if it's not on your pc, it's saved on a server you don't own.

If you've got credit card paranoia, Privacy.com has a solution for you. I personally just rely on my credit cards theft/fraud protection programs.

I actually memorised my credit card number including the expiration date and security code. it's very convenient and I highly recommend it.