Since this service appears to be deliberately aimed at non-tech-savvy users, I get the impression that Mozilla is trying to not normalize the practice of submitting your passwords to third-party websites. It also nimbly sidesteps any questions of "why should I trust firefox.com with my password"; you don't need to, because you're not giving it to them.

Disclaimer: Monitor dev here ...

Watch this space: https://github.com/mozilla/blurts-addon/issues/142

;)

That repo is archived and read-only though. Is it still being actively developed elsewhere?

Well with the API it’s pretty easy to test your password. You just have to hash it, send the 5 first characters and it returns the list of the hashes starting with those 5 characters.

You then just check.

It's easy if you know what you're doing. I don't think my mother could do this.

You are completely right, but I was answering to parent post.

I don’t think your mother, or mine, can ask herself this question of trusting the JavaScript or not :-)

Mozilla have a password saving app, not checked but I wouldn't be surprised if that is a feature and may have inspired this collaboration.