I’m not a fan of password managers in browsers; it makes me feel even worse about how OS-like the browsers are getting (and how far from Firefox’s “we’re secure because we’re simple” roots they’ve strayed), but I’ll have to remember this Firemaster tool (article by Lifehacker) if I ever find a need to break into a Firefox password manager store. (via h-i-r.net)
In-browser password management is something people looking for efficiency and shortcuts want to use. In my opinion, most of those people are probably the same people who re-use passwords and use simple passwords. I would suspect most people choose simpler passwords for their in-browser management tool, making Firemaster a risk. (Of course, you’ll never learn what your passwords are if something always puts them in for you!)
Then again, one should always expect some method of cracking or brute-forcing passwords, and thus always choose reasonably complex ones.