[HN Gopher] Multi-Account Containers
___________________________________________________________________
Multi-Account Containers
Author : throw0101c
Score : 128 points
Date : 2023-02-12 20:50 UTC (2 hours ago)
(HTM) web link (support.mozilla.org)
(TXT) w3m dump (support.mozilla.org)
| slickdork wrote:
| I've been using this for a few years now and love it. I wish for
| two things.
|
| 1) i wish there was a way to automatically delete
| cookies/cache/history from specific containers every time. My
| personal container needs cookies and logins saved. My other
| containers don't need persistent cookies.
|
| 2) I've always wished for protonvpn to apply to only specific
| containers. Reading this now though, I see firefox's VPN does
| that so that's very cool, I might need to look into their vpn.
| Jiocus wrote:
| The Mozilla VPN is a relabelled service by Mullvad VPN.
| mech422 wrote:
| I combine containers with profiles to achieve this... I have
| totally separate profiles for: 'temp' (delete everything on
| close) 'shopping' (containers for my common stores) 'finance'
| (containers for banks, etc)
|
| Gives a lot of flexibility, and I'm a lot less nervous opening
| stuff in 'temp' session when I know everything else is safely
| in totally different profiles/directories.
| yipeedipee wrote:
| What you want is the Temporary Containers addon:
| https://addons.mozilla.org/en-GB/firefox/addon/temporary-con...
|
| It will let you open containers that trash cookies on close.
| You can also set certain URL's to always open in a tmp
| container which is useful for sites that only let you read x
| amount of article per month.
| johnchristopher wrote:
| How is it different/better from incognito mode ?
| herklwlkjwher wrote:
| incognito shares state between tabs. temporary containers
| can have a fresh container for every tab, so your tabs are
| isolated. you can also use it in a way that by default
| every site you visit is using a temporary container, with
| certain urls set to use their corresponding long term
| containers -- if i go to github, it opens in a github
| container, if i click a link to some random dev's site, it
| opens in a temp container, etc.
|
| to provide context, i still use incognito, but i consider
| incognito mostly about hiding things from myself -- i use
| it almost exclusively for porn, because i don't want my
| porn habits in my browser suggestions. temporary tabs still
| land in the recent urls and such.
| yipeedipee wrote:
| You keep your browsing history for one but clear the
| cookies out after automatically.
| jlokier wrote:
| Incognito isn't as private as the name suggests. I was
| surprised one day to open a tab in Incognito and see the
| site I visited knew who I was. That's because I had logged
| in to a related site in a tab I'd forgotten about in
| another Incognito window.
|
| My assumption up to then was that each newly opened
| Incognito tab or window was it's own private session, but
| this turned out to be wrong - they all share state, as if
| you had one separate but shared profile called Incognito.
| This was a little upsetting as I'd been using Incognito for
| years without realising the data sharing going on.
|
| Temporary Containers does what I'd expected from Incognito.
| Each new temporary container has its own isolated cookies
| etc from all the others. So now I open a TC when I want to
| visit a site without identity or tracking, or to login
| temporarily with a different account, and don't use
| Incognito at all.
| herklwlkjwher wrote:
| i use this, it sounds like in a way inverted from the way you
| do -- i have containers for any site that i want to maintain
| persistence on, then default to a tmp container
| sickmartian wrote:
| for 1) do look into the temporary containers extension.
| ckastner wrote:
| Cookie AutoDelete is great for custom site-specific cookie
| policies and is container-aware, see
|
| https://addons.mozilla.org/en-US/firefox/addon/cookie-autode...
| reyqn wrote:
| You can apply a per container proxy, so if you run a proxy that
| goes through your vpn, you could do this with protonvpn. I do
| this with a ssh tunnel.
| ryan-duve wrote:
| We use different AWS accounts for different purposes at work. It
| would be an extreme productivity loss if I had to go back to
| using something other than Firefox's containers.
| handedness wrote:
| It's not an identical feature, but I have some workflows which
| require Chromium and compartmentalization between a multiple
| accounts, and Brave's profiles aren't a bad alternative.
| zamadatix wrote:
| For someone that hasn't used Brave in a while - what's the
| difference between Brave profiles and profiles in other
| Chromium browsers?
| handedness wrote:
| There may be other Chromium-based browsers which do this,
| but none that I use: on launch the user is (optionally)
| prompted with a profile selection tool, with additional
| options to create a new profile or go into a guest session.
| I appreciate this because without it I often end up
| wondering why something isn't behaving properly, and after
| a moment of confusion then realize I'm in the wrong
| profile.
|
| It's not perfect, and I prefer Firefox's rules-driven
| containers, but for anything which requires Chrome I've
| found it sufficient.
| bspammer wrote:
| * * *
| trusz wrote:
| The Arc browser [1] could be nice alternative as it handles
| profiles pretty smooth.
|
| [1]: https://arc.net/
| eliaspro wrote:
| This site basically says nothing except "sign up".
| keb_ wrote:
| This smells like pure marketing, incl the company's website.
| I'd rather use an open-source browser like Firefox.
| nickstinemates wrote:
| Experience is still lacking compared to Chrome profiles. Chrome
| profiles are so much better UX wise than any other solution,
| especially the color coding of the window.
| account-5 wrote:
| Firefox does profiles too.
| baggy_trough wrote:
| But only with command line switches and relaunching, right?
| account-5 wrote:
| Yes and from within the browser about:profiles
|
| And you can edit the shortcut to ask you which profile you
| want to use when you start Firefox.
| fhrow4484 wrote:
| Never used command line for profiles, I'd just go type
| "about:profiles" > "Launch profile in new browser".
|
| This opens a new window with that profile, but you can
| switch between each window at will.
|
| The lack of discoverability of that "about:profiles" page
| is indeed a UX issue compared to chrome, but other that
| that it works pretty well.
|
| For most use cases, I find the more lightweight multi-
| account-containers more useful though.
| thomastjeffery wrote:
| This is that.
| worble wrote:
| I'd argue it's far superior - no need to be switching windows
| constantly and setting the domain automatically loads that site
| in the correct context.
| nickstinemates wrote:
| Multiple windows for me is a feature, not a bug.
| qwerty456127 wrote:
| A killer feature. Once I have tried Forefox's containers I am not
| going way...
| handedness wrote:
| Some (of many) good previous discussions:
|
| 2020: https://news.ycombinator.com/item?id=22047213
|
| 2018: https://news.ycombinator.com/item?id=15256603
| paisawalla wrote:
| I've been using distinct FF profiles to separate work browsing
| from personal browsing on the same machine. I give each profile a
| differently colored theme to visually separate the two and
| discourage accidentally using one profile for another's purpose.
|
| Would multi-account containers be better for that workflow?
| pbowyer wrote:
| I've used these for over a year. Where the experience falls short
| is when using OAuth flows where either the requestor or provider
| is in a different container.
|
| E.g. Slack (work) => Twitter (social media) => ~~broken~~ as the
| redirect doesn't go back to the (work) container.
|
| I can't think of a fix because any there is would break the
| privacy of containers.
| thomastjeffery wrote:
| You can right click a link, and open it in the other container.
| It's clunky, but has worked for me so far.
|
| The UX for default containers could really benefit from some
| kind of context-awareness, but I'm not sure what that would
| look like.
|
| I'm thinking an intermediary tab that gives you a list of
| default containers (instead of only a single option or none at
| all) to choose from when opening a domain. Then, maybe, you
| could set a default choice based on the originating container.
| Or maybe a tree of sub-containers... This is where addon-
| defined UX makes sense.
| password4321 wrote:
| What would be needed to support this in private browsing mode? I
| would like to keep things separate and toss everything when I'm
| done.
| yoavm wrote:
| Private browsing mode is essentially a new temporary container.
| It let's you keep things separate and toss them when you're
| done.
| password4321 wrote:
| Yes, and I'd like to use more than one simultaneously.
| masklinn wrote:
| The temporary containers extension is probably what you want.
| MAC is for separate but "permanent" environments.
| jbverschoor wrote:
| Last week I finally removed some bugs from my multi-instance
| chrome scripts on macOS.
|
| I basically have different applications of chrome, each with a
| different profile. They wacht have a different app icon, browser
| color, and extensions.
|
| It helps me focus a lot to have a different application (cmd-tab
| entry) for dev, media, general browsing.
|
| Social media and other time traps are blocked on my general and
| dev browser.
|
| Works very well I have to say. It copies Chrome using clonefiles
| (CoW on apfs) to save space.
|
| The only thing is that updating goes through the main browser
| (automatic updates are buggy in this case). And I have to
| codesign when there's an update, but the scripts take care of
| that.
| kibwen wrote:
| Can anyone clarify what this provides compared to the built-in
| container support in Firefox? On stock Firefox, it appears that I
| can do everything listed in the documentation above, with the
| exception that this extension appears to allow you to configure a
| domain to automatically open in a given container. Is that the
| only difference?
| thomastjeffery wrote:
| This is the user interface to that built-in container support.
| ZiiS wrote:
| It is really just the eaiest way to turn on the built in
| container support.
| oshanz wrote:
| [dead]
| JW_00000 wrote:
| Very useful if you have multiple Outlook accounts (e.g. school,
| work, personal), because outlook.com doesn't allow you to switch
| between accounts without logging out and back in.
| SamuelAdams wrote:
| Or you hop between different AWS accounts.
| matsemann wrote:
| Or gcp or other Google products. They technically supports it
| by appending different authuser query params, but whenever
| you click something it's bound to choose the wrong one.
| pram wrote:
| I still can't believe you can only be logged into one. Also
| when I re-log in it shows all the tutorial pop up boxes on
| everything EVERY SINGLE TIME.
| starik36 wrote:
| Love the feature and use it all the time. It would be great, if
| you could assign a home page to a container.
| icapybara wrote:
| I tried to like this the other day but it was a real hassle.
|
| I have 3 accounts on a website. I thought I could setup 3
| different containers, one for each account. But it turns out that
| switching between containers is not simple. Whenever I tried to
| switch, I got a pop up from Firefox asking me if I was really
| sure I wanted to switch my default container for that website.
| Sometimes it sent me into a redirect loop with the prompt also. I
| did some googling and found that the consensus was that
| containers simply aren't meant to be used that way.
|
| Firefox Multi Account Containers seem to assume you will always
| use one container for one website, and you can't easily use
| multiple containers for a single site. Or at least, it's very
| inconvenient to do so.
| thomastjeffery wrote:
| Unintuitively, you want to have no default set for that domain,
| and you want to open an empty tab of that container type (by
| long clicking the new tab button or clicking the container
| addon button itself to get a list). Once you have a container
| open, middle-clicking the new tab button will open an empty tab
| in that container.
|
| I agree that the UX is horrendous. Most of that is a byproduct
| of implementing it as an addon instead of a feature.
| M2Ys4U wrote:
| I think this only happens if you use the "Always open this site
| in container" function.
|
| I use MACs with a bunch of different AWS accounts for work, and
| the only papercut is having to right-click my bookmarks and
| choosing which container to open the console in (as opposed to
| having MACs integrated with bookmarks themselves)
| mmm332312 wrote:
| You absolutely can. Open a new tab of containerA and login.
| Open a new tab of containerB and login with a different
| account. I think there's an option somewhere that allows you to
| select "always open [website] in [container]" which might be
| triggering that popup.
| echelon wrote:
| Ugh, same. I thought I was the only one that found these to be
| impossibly buggy.
|
| The container setup/management UI is glitchy and it often
| _forgets!_ containers that were created. It feels like a hack
| week project that got shipped to production.
|
| Despite having containers, Firefox sometimes wants to open the
| managed website in your current window. Or doesn't ask you at
| all when you have multiple containers for the same site.
|
| There's a lack of distinction between containerized / non-
| containerized windows. The colored tabs do not work or break
| down, leaving you in a mysterious or even dangerous state.
|
| The integration with password management tools is obviously
| rough. But coupled with the browser's own attempts at session
| management, plus containers, it's a UX nightmare to log into
| the right container.
|
| The last time I checked this out was last year. Maybe it's
| better now? Given Mozilla staffing, though, I'd guess not.
|
| I really want this to work, but the current solution is worse
| than none at all. I've made do with keeping multiple browsers
| for different tasks.
|
| Be careful if you use this. It breaks unexpectedly and that can
| lead to the wrong actions being taken in the wrong accounts.
| thomastjeffery wrote:
| The struggle is that the container addon does its _own_
| syncing, separate from the browser-wide Firefox account sync
| (that decides the soon should be installed).
|
| Because syncing is a separate step - yet it still happens
| concurrently/unpredictably in the background - there is no
| avoiding the default new user flow that creates 4 default
| containers at install.
| lost_tourist wrote:
| I mean there is if they'd fix it :) . Don't sync those 4 if
| they already exist, don't sync at all otherwise. I would
| assume if you are smart enough to use sync you're smart
| enough to know that it will blow away old "local" settings.
| echelon wrote:
| The tool needs to get out of the way. People are busy and
| have a million other things on their minds. Grappling
| with an obtuse, broken product is a hurdle.
|
| As it stands, Firefox containers are 10x more complicated
| than regular browsing and it exposes sharp edges.
| mostlysimilar wrote:
| Interesting, I accomplish this just fine and it's my primary
| use for containers in Firefox. I don't know what your workflow
| is like, but I just click the "+" tab button, select one of the
| other containers I want, and a new tab opens in that container.
| Type address of website and continue as normal.
| dabeeeenster wrote:
| Wait; what's the point of them if they're not meant to be used
| against the same site?!
| lost_tourist wrote:
| isolation of cookies and other data between websites.
| although now I think firefox does that per tab anyway&site
| combo nowadays anyway. I mainly use it for multiple reddit
| accounts and gmail accounts. also good when combined with
| cookie auto delete for test purpose between testing site
| changes "freshly".
| thomastjeffery wrote:
| To isolate the cookies and JavaScript of a domain from other
| domains.
|
| For example, Facebook is notorious for reading third-party
| site cookies and vice-versa. A collection of associations (X
| Facebook user visited Y sites) is then sold as a portfolio
| for targeted advertising.
|
| I agree this isn't the feature that provides the most
| utility; it's simply the one that was originally at the front
| of the devs' minds.
| Larrikin wrote:
| I use mine for organization (all banking sites are separate
| from shopping websites) and to cordon off toxic sites like
| Facebook.
| matsemann wrote:
| They are. My guess is that person is doing something wrong.
| echelon wrote:
| The feature is incredibly buggy. I wrote a sibling comment
| that details some of the glitchiness.
| matsemann wrote:
| What you're describing is the main use case for this. Are you
| sure you're using it correctly? You're not supposed to change
| default container for that webpage all the time or anything
| like that.
|
| I for instance have a bookmark for a page. I right click it and
| select which container to opening it in. I often open it in
| different containers, have different tabs of it open at the
| same time etc.
| Spunkie wrote:
| I went through the same process when I tried it a few weeks
| ago for multiple GitHub accounts.
|
| I also uninstalled the extension after fumbling around with
| it for 5-10 minutes and not being able to open multiple
| containers of github without it forgetting what I just tried
| to setup or constantly bugging me about switching the default
| container.
| [deleted]
| julianhul wrote:
| Would be cool if each container could generate a unique browser
| fingerprint. Right now they are sharing the same fingerprint,
| which isn't great for privacy.
| quickthrower2 wrote:
| Great for testing logins on web apps. I used a FF plugin to do
| this, I presume having this in FF itself natively is new.
| thomastjeffery wrote:
| I've been using this since it was new. I'm very frustrated to say
| the UI/UX hasn't seen any significant update.
|
| Containers are still synced separately, so any fresh install of
| Firefox will have the tutorial UX and the default 4 containers,
| even after syncing.
|
| Also, address bar completion is still monolithic, making it very
| easy to accidentally open a site in an undesired container. That
| can be worked around by adding every domain to a default
| container, but most of the utility of containers is to use
| several for a single domain, _i.e._ multiple email accounts each
| with their own container instances.
|
| Containers are a feature I find very valuable, but they really
| need their UX to be a core browser feature, not an addon.
| jokoon wrote:
| Agree, it's also quite awkward to link a domain to a container,
| and sometimes it doesn't work well, for example gmail because
| it also uses Google.com (I want to separate Gmail and my Google
| search)
| roter wrote:
| You can open a bookmark in a chosen tab via the context menu
| when right-clicking on a bookmark in e.g. your toolbar. I use
| this to separate Gmail accounts. I use private search for
| Google search.
| herklwlkjwher wrote:
| container sync has been a thing for a while, but you have to
| enable it: https://i.imgur.com/UBj3TjW.png
| TheCraiggers wrote:
| Where do you find that at? I just looked in both the Sync
| settings and Container settings and I do not see that
| setting.
| thomastjeffery wrote:
| It might be always-enabled now. Either way, containers sync
| is a separate event that can't be triggered manually.
| herklwlkjwher wrote:
| https://i.imgur.com/hMmnlB7.png
| thomastjeffery wrote:
| Yes, and the flow is as I described.
|
| 1. Install Firefox.
|
| 2. Log in to fresh Firefox instance.
|
| 3. Let browser-wide sync happen.
|
| 4. Sync installs multi-account containers addon.
|
| 5. Four empty default containers are created. New user
| welcome flow is active.
|
| 6. Sign in to multi-account containers addon. Wait for
| container sync to do its thing.
|
| 7. Containers sync invisibly in the background.
|
| - Default containers that you deleted before (in the instance
| you are syncing from) still exist in this fresh instance.
|
| - New user welcome UX is still active.
| croutonwagon wrote:
| Also....for me. At one point a janked up Firefox instlal on
| 8.1 created something like 100+ duplicates of some of my
| containers, specifically ones names TEst and Test2.
|
| So each time i setup a new browser and sync then, i have to
| go through and manually delete all the duplicates.
|
| They dont re-appear once deleted and changes still sync
| (ie: if i add a URL rule to always open in x container) but
| holy crap is it annoying.
| [deleted]
| jchw wrote:
| Pretty useful. Something I learned at some point was that you can
| actually combine this with Wireguard: If you dig into the
| extension, there's a feature that lets you set a SOCKS5 proxy for
| a profile. You can then point it to a running Wireproxy to go
| from SOCKS5 to Wireguard. Could be handy.
| mic-kul wrote:
| @jchw that's neat! You've seen this in source or is it
| accessible somehow from the UI?
| jchw wrote:
| Accessible via the UI: click into the extension, click the
| right arrow next to a container, select "Manage This
| Container", then "Advanced Proxy Settings" and you can enter
| a SOCKS5 URI. And of course, this requires the aforementioned
| extension, not just the built-in container tabs feature.
| (Confusingly, Firefox does have this feature "cooked in",
| presumably they just expose a bunch of it via WebExtension
| APIs so that things like Multi-Account Containers can work.)
___________________________________________________________________
(page generated 2023-02-12 23:00 UTC)