It is a hit or miss, as some password fields don't get this. However, I personally fund it useful and use it about 100/% of the time in new signups/resets when available.

I believe you can right click in any type=password field to bring it up with the heuristics didn’t detect it as a new password field.

Yeah that's the problem though: A lot of websites don't set the password field to "type=password" or they don't set the second (verify) password field like that. Why do they do this? Either the web developer didn't really know what they were doing or they were given some very unique requirements (e.g. need to work with a legacy framework).

Wrong. There's random generation, and each randomly generated password is pinned to the site where it was generated. When you navigate to a different site, Firefox will generate a new password. There's no cross-site leaking.

Password is leaked and you want to change it all in the same browser session/tab since you created it for the 1st time? I mean, technically you could be living with the same tab opened for months but...

I meant in addition to the issue being discussed.

> It's barely usable, and with this behavior it's just dangerous.