No, I didn't miss the threat model. I am all for password managers, in fact I am even developing one myself. The sad truth is however, most password managers aren't exactly a shining example of security best practices. This blog post is simply me being disappointed seeing Mozilla do so poorly. As things are now, the master password on the Firefox password manager (a common recommendation meant to improve security) is little more than security theater. But I'm not saying of course that no password manager whatsoever is a better solution.