Avast and AVG corrupting Firefox login file

Jun 14, 2019 12:26 GMT  ·  By

If you’re a Firefox user and your passwords are nowhere to be seen starting today, you’re not alone.

An issue hitting the latest version of Mozilla Firefox (67.0.2) on devices where certain antivirus solutions are installed appears to be causing the passwords stored in the browser to no longer be available for users.

As many other modern browsers, Firefox offers to save passwords for the accounts users log into when navigating the web. For example, you can allow Firefox to store your Google credentials for more convenient authentication when trying to check your Gmail inbox.

But beginning today, all these passwords appear to be gone, and Firefox no longer automatically fills credential fields for automatic authentication.

Fortunately, the saved passwords aren’t actually deleted because everything’s caused by an issue impacting the login file that the browser uses to store and read data. As it turns out, Avast and AVG security products are the ones causing the problems after the latest updates.

So right now, your device must be running the following software to encounter the bug:  

· Mozilla Firefox 67.0.2
· Avast Antivirus OR AVG Antivirus
SH was the first to report the issue and TechDows indicates that a temporary workaround already exists, albeit a full patch is still required for impacted devices.

First and foremost, it’s important to understand what happens. The scanning process initiated by the two security products corrupt the login.json file that Firefox relies on to read information about the stored passwords.

The file is loaded on launch, and because it’s corrupted, Firefox no longer lists any passwords within the application, therefore the app isn’t capable of providing the said authentication.

However, it’s important to note that your passwords are not lost.

There are basically two methods to restore the apps, and they involve downgrading to Firefox 67.0.1, which apparently works correctly with the said antivirus apps, and manually fixing the corrupted login.json file.

While the first method is rather straightforward, let’s see how you can fix the corrupted file.

First of all, you need to find the location of the file. To do this, open the browser and then in the address bar, type the following code:


about:support
Click the link that reads open folder to open the profile folder in File Explorer. Next, you need to close the browser and continue working with the folder you just opened in File Explorer.

Basically, at this point you should see a file called:


logins.json.corrupt
This means the logins file is indeed corrupted, and you can repair it by simply renaming it to the original name. To do this, right-click the file, click rename, and then set the following name:
logins.json
Save your changes, and the next time you launch Firefox, everything should work correctly and the passwords should be back in the app.

However, as I said earlier, this workaround is only temporary, as the file would be corrupted once again when you reboot the system.

Going back to Firefox 67.0.1 and blocking the update to the latest release could help you deal with this easier until a full fix is released.

Needless to say, a full patch is absolutely mandatory to resolve the issue, albeit no company has acknowledged the issue so far.

The issue impacts any Windows versions, so it’s not just limited to Windows 10. Users are also recommended to back up their passwords after restoring them, just in case the corrupted file can’t be recovered at a later time. This should help prevent data loss until a patch lands.