Showing results for 
Search instead for 
Did you mean: 
Posts: 19
Location: USA
Views: 6,952
Message 21 of 40

Re: Firefox 3.6 and future add-on updates of Password Manager

It would be nice for Lenovo to supply a supported fix. If the post above describes exactly how to do it, you would think it wouldn't be hard.

Serial Port
Posts: 23
Location: Poland
Views: 6,730
Message 22 of 40

Re: Firefox 3.6 and future add-on updates of Password Manager

During the update Firefox 3.6.2 disables modified XPI add-on.

Anyone have succesfully tested user modified ThinkVantage Password Manager add-on 3.0.1 with latest Firefox 3.6.2 version ?


TIA 4 replies

Lenovo Employee handyd
Lenovo Employee
Posts: 37
Location: New Jersey, USA
Views: 6,456
Message 23 of 40

Re: Firefox 3.6 and future add-on updates of Password Manager

Punch Card
Posts: 38
Location: Australia
Views: 6,439
Message 24 of 40

Re: Firefox 3.6 and future add-on updates of Password Manager


They have to.


A lot faster than when coding their fix for 3.x flat.


I better update the ' thread because that's sitting at 237 posts Smiley Surprised.

But will continue i'm sure, like this thread, to the nth degree of Mozilla revising their engine to a major revision each time.

I.e. Say they code 3.7.x or maybe 4.x, we can be safe to say Lenovo will be a good couple to 6 months behind on their TVTPWM update for the add-on in FF.

Fanfold Paper
Posts: 12
Location: Jericho
Views: 6,425
Message 25 of 40

Re: Firefox 3.6 and future add-on updates of Password Manager


Token Ring
Posts: 161
Location: Toronto, Canada
Views: 6,442
Message 26 of 40

Re: Firefox 3.6 and future add-on updates of Password Manager

UPDATE 2010/11/30: I have just tried Mozilla Firefox 4.0 Beta 7 and my hacked extension no longer works, there have been too many significant changes between 3.7a4 and 4.0b7, notably to the Firefox UI components. I have edited the install.rdf file in the ThinkFox extension archive to only include Firefox versions up to 3.6.*; I have also installed the extension on Mozilla Thunderbird 3.1.*, so that software has been added to the install.rdf as well. END


I've used the Firefox extension "MR Tech Toolkit" to enable the Firefox ThinkVantage password manager extension included with Client Security Suite 8.3 on Windows 7, and I've tested that solution on Firefox 3.0.x and Developer Preview 3.7a4.


It works quite well: if you keep the default password collection policy of the Lenovo Password Manager, which is to collect and recognize them by domain, and if you have several passwords used on one domain (e.g., then a list of collected password entries will be presented to you when accessing any recognized login form on that domain. For instance, I use both Gmail and Google Apps, each of which use different login form pages on the domain--I just pick the right password entry which I've named after the email ID they are used for.


But I don't use the actual CSS password manager, I prefer to keep all my web passwords in the Firefox password manager, protected by a master password. And using the Thinkfox extension instructions referenced at and some quick hackery, I've created an updated Thinkfox which may be downloaded at


Thinkfox is a Firefox extension to allow the use of the Firefox password manager's master password with the Lenovo ThinkVantage Password Manager and Firefox. This is a quick hack of Zender's extension and instructions at which everyone should read before installing this. I have merely updated the Firefox extension maxversion to 4.0+, given the extension a new GUID, and updated the descriptive details. The "components" directory of the extension has been extracted from "C:\Program Files\Lenovo\Client Security Solution\tvtpwm_moz_xpi.xpi" in a Windows 7 x86 installation of Lenovo Client Security Suite 8.3 (no Firefox 3.6 upgrade). People on Vista or Windows XP may want to create their own version, I don't have the Windows machines to do that; you can simply unzip and re-zip my version of Thinkfox, replacing the "components" folder with the version on your machine. IMPORTANT: make sure you disable the original Lenovo firefox extension by selecting its entry in the Firefox extension list and clicking the disable button in its listing, before installing the hacked extension.


It has been tested on Windows 7 x86, Firefox 3.0.x and Firefox Developer Preview 3.7a4 (one of the alpha versions of the Firefox 4.0) and works well: whenever the Firefox master password dialog appears the first time in a browser session, the ThinkVantage password/fingerprint collection UI appears, and successful credentials cause an automatic submission of the Firefox master password.


Zender's instructions concerning setting this up are: "Next time you enter master password, you should be asked by the Client Security Solution to save it. I recommend opening Advanced and selecting Secure, so that you're not asked just once per boot." (Actually, it's changed to clicking on "Advanced", then selecting a "Custom" security setting, and then changing "Once per boot" to "Everytime". Or something like that.)


Unfortunately, the Lenovo Password Manager does not notice when you change your Firefox master password, so that it goes into an endless loop of submitting the wrong password over and over again (kill it fron the Windows Task manager). The simple expedient is to update the Firefox password clear text recorded in the Lenovo Password manager every time the Firefox master password is changed.


I didn't ask the permission of anyone to do this, but I do hope this modified extension helps people. I will not be responsible for any potential mayhem! (I did check the javascript files for anything suspicious, like a backdoor to send passwords to undisclosed three-letter agencies of the US and other governments, but came up with nothing.)

Token Ring
Posts: 185
Location: Singapore
Views: 5,534
Message 27 of 40

Re: Firefox 3.6 and future add-on updates of Password Manager

Hi mjdl, i really like to thank you for this amazing post! i have used the thinkfox u edited! works great with my FF3.6

Perspective of life -
Token Ring
Posts: 161
Location: Toronto, Canada
Views: 5,524
Message 28 of 40

Re: Firefox 3.6 and future add-on updates of Password Manager

I'm glad my quick hack works for you! I still haven't worked out what happens or should happen when the Firefox Master Password is changed by the user: I think the simplest thing is for the user to delete the password entry in the Lenovo Password Manager after changing the Firefox Master Password: then the re-enrollment in the Lenovo Password Manager of that Firefox password should work normally.

Token Ring
Posts: 185
Location: Singapore
Views: 5,515
Message 29 of 40

Re: Firefox 3.6 and future add-on updates of Password Manager

Haha My firefox master password will never change. I really love thinkfox and how it worked. Cause i need to enter masterpassword everytime. Swiping my finger is awesome! and it's great! lenovo password manager works awesome too. Love it.

Perspective of life -
Punch Card
Posts: 66
Location: Daly City, CA
Views: 5,088
Message 30 of 40

Re: Firefox 3.6 and Password Manager fix/patch on T410s

The patch listed


doesnt list T410s as supported systems.  I took a chance and installed it anyway.  I have 64-bit version of Windows 7 (I assume the password manager though is 32-bit software).


Currently it works on my computer.  Firefox 3.6.6, Password manager 3.20.0311.00

Top Kudoed Authors