Bug 612699 - Sync UI: Update to simplify crypto. r=mconnor a=blocking-beta8
authorPhilipp von Weitershausen <philipp@weitershausen.de>
Tue, 30 Nov 2010 20:39:32 -0800
changeset 58421 6a76acc0925f903838ee2053c447dcd5c1b2a2ec
parent 58420 de97b959fca07405660d293f53e79dc3bdc3187a
child 58422 80b459f19bfa92231299070b4e33e436b2549d48
push idunknown
push userunknown
push dateunknown
reviewersmconnor, blocking-beta8
bugs612699
milestone2.0b8pre
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 612699 - Sync UI: Update to simplify crypto. r=mconnor a=blocking-beta8
browser/base/content/syncGenericChange.js
browser/base/content/syncGenericChange.xul
browser/base/content/syncSetup.js
browser/base/content/syncSetup.xul
browser/base/content/syncUtils.js
browser/locales/en-US/chrome/browser/syncSetup.dtd
browser/themes/gnomestripe/browser/syncCommon.css
browser/themes/pinstripe/browser/syncCommon.css
browser/themes/winstripe/browser/syncCommon.css
--- a/browser/base/content/syncGenericChange.js
+++ b/browser/base/content/syncGenericChange.js
@@ -94,19 +94,20 @@ let Change = {
           document.getElementById("passphraseBackupButtons").hidden = true;
           document.getElementById("generatePassphraseButton").hidden = true;
           document.title = this._str("new.synckey.title");
           introText.textContent = this._str("new.synckey.introText");
           this._dialog.getButton("accept")
               .setAttribute("label", this._str("new.synckey.acceptButton"));
         }
         else {
+          this._passphraseBox.setAttribute("readonly", "true");
           let pp = Weave.Service.passphrase;
-          if (pp.length == 20)
-            pp = gSyncUtils.hyphenatePassphrase(pp);
+          if (Weave.Utils.isPassphrase(pp))
+             pp = Weave.Utils.hyphenatePassphrase(pp);
           document.getElementById("passphraseBox").value = pp;
           document.title = this._str("change.synckey.title");
           introText.innerHTML = this._str("change.synckey.introText");
           introText2.innerHTML = this._str("change.synckey.introText2");
           warningText.innerHTML = this._str("change.synckey2.warningText");
           this._dialog.getButton("accept")
               .setAttribute("label", this._str("change.synckey.acceptButton"));
         }
@@ -143,17 +144,16 @@ let Change = {
   },
 
   _updateStatus: function Change__updateStatus(str, state) {
      this._updateStatusWithString(this._str(str), state);
   },
   
   _updateStatusWithString: function Change__updateStatusWithString(string, state) {
     this._statusRow.hidden = false;
-    document.getElementById("passphraseStrengthRow").hidden = true;
     this._status.value = string;
     this._statusIcon.setAttribute("status", state);
 
     let error = state == "error";
     this._dialog.getButton("cancel").setAttribute("disabled", !error);
     this._dialog.getButton("accept").setAttribute("disabled", !error);
     document.getElementById("printSyncKeyButton").disabled = !error;
     document.getElementById("saveSyncKeyButton").disabled = !error;
@@ -170,25 +170,24 @@ let Change = {
         break;
       case "ChangePassword":
         return this.doChangePassword();
         break;
     }
   },
 
   doGeneratePassphrase: function () {
-    let passphrase = gSyncUtils.generatePassphrase();
+    let passphrase = Weave.Utils.generatePassphrase();
     let el = document.getElementById("passphraseBox");
-    el.value = gSyncUtils.hyphenatePassphrase(passphrase);
-    document.getElementById("passphraseStrengthRow").hidden = true;
+    el.value = Weave.Utils.hyphenatePassphrase(passphrase);
     this._dialog.getButton("accept").disabled = false;
   },
 
   doChangePassphrase: function Change_doChangePassphrase() {
-    let pp = gSyncUtils.normalizePassphrase(this._passphraseBox.value);
+    let pp = Weave.Utils.normalizePassphrase(this._passphraseBox.value);
     if (this._updatingPassphrase) {
       Weave.Service.passphrase = pp;
       if (Weave.Service.login()) {
         this._updateStatus("change.synckey2.success", "success");
         Weave.Service.persistLogin();
       }
       else {
         this._updateStatus("new.passphrase.status.incorrect", "error");
@@ -224,56 +223,42 @@ let Change = {
         this._updateStatus("change.password.status.success", "success");
       else
         this._updateStatus("change.password.status.error", "error");
     }
 
     return false;
   },
 
-  validate: function () {
+  validate: function (event) {
     let valid = false;
     let errorString = "";
 
     if (this._dialogType == "ChangePassword") {
       if (this._currentPasswordInvalid)
         [valid, errorString] = gSyncUtils.validatePassword(this._firstBox);
       else
         [valid, errorString] = gSyncUtils.validatePassword(this._firstBox, this._secondBox);
     }
     else {
-      if (this._updatingPassphrase) {
-        [valid, errorString] = gSyncUtils.validatePassphrase(this._passphraseBox);
-      } else {
-        [valid, errorString] = gSyncUtils.validatePassphrase(this._passphraseBox, true);
-        if (valid)
-          this.displayPassphraseStrength();
-      }
+      if (!this._updatingPassphrase)
+        return;
+
+      if (event.keyCode != event.DOM_VK_BACK_SPACE) {
+        this._passphraseBox.value = Weave.Utils.hyphenatePartialPassphrase(
+          this._passphraseBox.value);
+       }
+      valid = Weave.Utils.isPassphrase(this._passphraseBox.value);
     }
 
     if (errorString == "")
       this._clearStatus();
     else
       this._updateStatusWithString(errorString, "error");
 
     this._statusRow.hidden = valid;
     this._dialog.getButton("accept").disabled = !valid;
   },
 
-  displayPassphraseStrength: function () {
-    let bits = Weave.Utils.passphraseStrength(this._passphraseBox.value);
-    let meter = document.getElementById("passphraseStrength");
-    meter.value = bits;
-    // The generated 20 character passphrase has an entropy of 94 bits
-    // which we consider "strong".
-    if (bits > 94)
-      meter.className = "strong";
-    else if (bits > 47)
-      meter.className = "medium";
-    else
-      meter.className = "";
-    document.getElementById("passphraseStrengthRow").hidden = false;
-  },
-
   _str: function Change__string(str) {
     return this._stringBundle.GetStringFromName(str);
   }
 };
--- a/browser/base/content/syncGenericChange.xul
+++ b/browser/base/content/syncGenericChange.xul
@@ -93,50 +93,31 @@
           <label id="textBox2Label" control="textBox2"/>
           <textbox id="textBox2" type="password" oninput="Change.validate()"/>
           <spacer/>
         </row>
         <row id="passphraseRow" align="center">
           <label id="passphraseLabel" control="passphraseBox"/>
           <textbox id="passphraseBox"
                    onfocus="this.select()"
-                   oninput="Change.validate()"/>
+                   onkeyup="Change.validate(event)"/>
           <label id="generatePassphraseButton"
                  value="&syncKeyGenerate.label;"
                  class="text-link inline-link"
                  onclick="event.stopPropagation();
                           Change.doGeneratePassphrase();"/>
         </row>
       </rows>
     </grid>
 
     <vbox id="feedback" pack="center">
       <hbox id="statusRow" align="center">
         <image id="statusIcon" class="statusIcon"/>
         <label id="status" class="status" value=" "/>
       </hbox>
-
-      <vbox id="passphraseStrengthRow" hidden="true" pack="end">
-        <hbox>
-          <label id="passphraseStrengthLabel"
-                 control="passphraseStrength"
-                 value="&syncKeyStrength.label;"/>
-          <progressmeter id="passphraseStrength"
-                         aria-labelledby="passphraseStrengthLabel"
-                         max="128"
-                         value="0"
-                         flex="1"/>
-        </hbox>
-        <hbox align="right" flex="1">
-          <label class="text-link inline-link"
-                 onclick="event.stopPropagation();
-                          gSyncUtils.openSyncKeyHelp();"
-                 value="&syncKeyHelp.label;"/>
-        </hbox>
-      </vbox>
     </vbox>
 
     <hbox id="passphraseBackupButtons" pack="center">
       <button id="printSyncKeyButton"
               label="&button.syncKeyBackup.print.label;"
               accesskey="&button.syncKeyBackup.print.accesskey;"
               oncommand="gSyncUtils.passphrasePrint('passphraseBox');"/>
       <button id="saveSyncKeyButton"
--- a/browser/base/content/syncSetup.js
+++ b/browser/base/content/syncSetup.js
@@ -70,17 +70,16 @@ var gSyncSetup = {
   _disabledSites: [],
   _remoteSites: [Weave.Service.serverURL, "https://api-secure.recaptcha.net"],
 
   status: {
     password: false,
     email: false,
     server: false
   },
-  _haveSyncKeyBackup: false,
 
   get _usingMainServers() {
     if (this._settingUpNew)
       return document.getElementById("serverType").selectedItem.value == "main";
 
     return document.getElementById("existingServerType").selectedItem.value == "main";
   },
 
@@ -138,17 +137,18 @@ var gSyncSetup = {
   },
 
   useExistingAccount: function () {
     this._settingUpNew = false;
     this.wizard.pageIndex = EXISTING_ACCOUNT_LOGIN_PAGE;
   },
 
   onResetPassphrase: function () {
-    document.getElementById("existingPassphrase").value = Weave.Service.passphrase;
+    document.getElementById("existingPassphrase").value = 
+      Weave.Utils.hyphenatePassphrase(Weave.Service.passphrase);
     this.wizard.advance();
   },
 
   onLoginStart: function () {
     this.toggleLoginFeedback(false);
   },
 
   onLoginEnd: function () {
@@ -194,16 +194,24 @@ var gSyncSetup = {
         // otherwise, fall through
       case "wipeClient":
       case "wipeRemote":
         Weave.Svc.Prefs.set("firstSync", action);
         break;
     }
   },
 
+  onPassphraseKeyUp: function (event) {
+    if (event.keyCode != event.DOM_VK_BACK_SPACE) {
+      let el = event.target;
+      el.value = Weave.Utils.hyphenatePartialPassphrase(el.value);
+    }
+    this.checkFields();
+  },
+
   // fun with validation!
   checkFields: function () {
     this.wizard.canAdvance = this.readyToAdvance();
   },
 
   readyToAdvance: function () {
     switch (this.wizard.pageIndex) {
       case INTRO_PAGE:
@@ -212,31 +220,30 @@ var gSyncSetup = {
         for (i in this.status) {
           if (!this.status[i])
             return false;
         }
         if (this._usingMainServers)
           return document.getElementById("tos").checked;
 
         return true;
-      case NEW_ACCOUNT_PP_PAGE:
-        return this._haveSyncKeyBackup && this.checkPassphrase();
       case EXISTING_ACCOUNT_LOGIN_PAGE:
         let hasUser = document.getElementById("existingAccountName").value != "";
         let hasPass = document.getElementById("existingPassword").value != "";
         if (hasUser && hasPass) {
           if (this._usingMainServers)
             return true;
 
           if (this._validateServer(document.getElementById("existingServerURL"), false))
             return true;
         }
         return false;
       case EXISTING_ACCOUNT_PP_PAGE:
-        return document.getElementById("existingPassphrase").value != "";
+        let el = document.getElementById("existingPassphrase");
+        return Weave.Utils.isPassphrase(el.value);
     }
     // we probably shouldn't get here
     return true;
   },
 
   onEmailInput: function () {
     // Check account validity when the user stops typing for 1 second.
     if (this._checkAccountTimer)
@@ -295,90 +302,21 @@ var gSyncSetup = {
 
     let feedback = document.getElementById("passwordFeedbackRow");
     this._setFeedback(feedback, valid, errorString);
 
     this.status.password = valid;
     this.checkFields();
   },
 
-  onPassphraseChange: function () {
-    // Ignore if there's no actual change from the generated one.
-    let el = document.getElementById("weavePassphrase");
-    if (gSyncUtils.normalizePassphrase(el.value) == Weave.Service.passphrase) {
-      el = document.getElementById("generatePassphraseButton");
-      el.hidden = true;
-      this._haveCustomSyncKey = false;
-      return;
-    }
-
-    this._haveSyncKeyBackup = true;
-    this._haveCustomSyncKey = true;
-    el = document.getElementById("generatePassphraseButton");
-    el.hidden = false;
-    this.checkFields();
-  },
-
   onPassphraseGenerate: function () {
-    let passphrase = gSyncUtils.generatePassphrase();
+    let passphrase = Weave.Utils.generatePassphrase();
     Weave.Service.passphrase = passphrase;
     let el = document.getElementById("weavePassphrase");
-    el.value = gSyncUtils.hyphenatePassphrase(passphrase);
-
-    el = document.getElementById("generatePassphraseButton");
-    el.hidden = true;
-    document.getElementById("passphraseStrengthRow").hidden = true;
-    let feedback = document.getElementById("passphraseFeedbackRow");
-    this._setFeedback(feedback, true, "");
-  },
-
-  afterBackup: function () {
-    this._haveSyncKeyBackup = true;
-    this.checkFields();
-  },
-
-  checkPassphrase: function () {
-    let el1 = document.getElementById("weavePassphrase");
-    let valid, str;
-    // xxxmpc - hack, sigh
-    if (el1.value == document.getElementById("weavePassword").value) {
-      valid = false;
-      str = Weave.Utils.getErrorString("change.synckey.sameAsPassword");
-    }
-    else {
-      [valid, str] = gSyncUtils.validatePassphrase(el1);
-    }
-
-    let feedback = document.getElementById("passphraseFeedbackRow");
-    this._setFeedback(feedback, valid, str);
-    if (!valid) {
-      // Hide strength meter if we're displaying an error.
-      document.getElementById("passphraseStrengthRow").hidden = true;
-      return valid;
-    }
-
-    // No passphrase strength meter for the generated key.
-    if (!this._haveCustomSyncKey)
-      return valid;
-
-    // Display passphrase strength
-    let pp = document.getElementById("weavePassphrase").value;
-    let bits = Weave.Utils.passphraseStrength(pp);
-    let meter = document.getElementById("passphraseStrength");
-    meter.value = bits;
-    // The generated 20 character passphrase has an entropy of 94 bits
-    // which we consider "strong".
-    if (bits > 94)
-      meter.className = "strong";
-    else if (bits > 47)
-      meter.className = "medium";
-    else
-      meter.className = "";
-    document.getElementById("passphraseStrengthRow").hidden = false;
-    return valid;
+    el.value = Weave.Utils.hyphenatePassphrase(passphrase);
   },
 
   onPageShow: function() {
     switch (this.wizard.pageIndex) {
       case INTRO_PAGE:
         this.wizard.getButton("next").hidden = true;
         this.wizard.getButton("back").hidden = true;
         this.wizard.getButton("extra1").hidden = true;
@@ -396,16 +334,19 @@ var gSyncSetup = {
         // fall through
       case EXISTING_ACCOUNT_LOGIN_PAGE:
         this.checkFields();
         this.wizard.getButton("next").hidden = false;
         this.wizard.getButton("back").hidden = false;
         this.wizard.getButton("extra1").hidden = false;
         this.wizard.canRewind = true;
         break;
+      case EXISTING_ACCOUNT_PP_PAGE:
+        this.checkFields();
+        break;
       case SETUP_SUCCESS_PAGE:
         this.wizard.canRewind = false;
         this.wizard.getButton("back").hidden = true;
         this.wizard.getButton("next").hidden = true;
         this.wizard.getButton("cancel").hidden = true;
         this.wizard.getButton("finish").hidden = false;
         this._handleSuccess();
         break;
@@ -481,41 +422,41 @@ var gSyncSetup = {
           this.wizard.pageIndex = SETUP_SUCCESS_PAGE;
           return false;
         }
 
         image.setAttribute("status", "error");
         label.value = Weave.Utils.getErrorString(error);
         return false;
       case NEW_ACCOUNT_PP_PAGE:
-        if (this._haveCustomSyncKey)
-          Weave.Service.passphrase = document.getElementById("weavePassphrase").value;
         // Time to load the captcha.
         // First check for NoScript and whitelist the right sites.
         this._handleNoScript(true);
         this.captchaBrowser.loadURI(Weave.Service.miscAPI + "captcha_html");
         break;
       case EXISTING_ACCOUNT_LOGIN_PAGE:
         Weave.Service.account = document.getElementById("existingAccountName").value;
         Weave.Service.password = document.getElementById("existingPassword").value;
-        Weave.Service.passphrase = document.getElementById("existingPassphrase").value;
+        Weave.Service.passphrase = Weave.Utils.normalizePassphrase(
+            document.getElementById("existingPassphrase").value);
+
         // verifyLogin() will likely return false because we probably don't
         // have a passphrase yet (unless the user already entered it
         // and hit the back button).
         if (!Weave.Service.verifyLogin()
             && Weave.Status.login != Weave.LOGIN_FAILED_NO_PASSPHRASE
             && Weave.Status.login != Weave.LOGIN_FAILED_INVALID_PASSPHRASE) {
           let feedback = document.getElementById("existingPasswordFeedbackRow");
           this._setFeedbackMessage(feedback, false, Weave.Status.login);
           return false;
         }
         break;
       case EXISTING_ACCOUNT_PP_PAGE:
         let pp = document.getElementById("existingPassphrase").value;
-        Weave.Service.passphrase = gSyncUtils.normalizePassphrase(pp);
+        Weave.Service.passphrase = Weave.Utils.normalizePassphrase(pp);
         if (Weave.Service.login())
           this.wizard.pageIndex = SETUP_SUCCESS_PAGE;
         return false;
       case OPTIONS_PAGE:
         let desc = document.getElementById("mergeChoiceRadio").selectedIndex;
         // No confirmation needed on new account setup or merge option
         // with existing account.
         if (this._settingUpNew || (!this._resettingSync && desc == 0))
--- a/browser/base/content/syncSetup.xul
+++ b/browser/base/content/syncSetup.xul
@@ -198,76 +198,35 @@
               onextra1="gSyncSetup.onSyncOptions()"
               onpageshow="gSyncSetup.onPageShow();">
     <description>
       &setup.newSyncKeyPage.description.label;
     </description>
     <spacer/>
 
     <groupbox>
-      <hbox>
-        <label value="&syncKeyEntry.label;"
-               accesskey="&syncKeyEntry.accesskey;"
-               control="weavePassphrase"/>
-        <spacer flex="1" />
-        <label id="generatePassphraseButton"
-               value="&syncKeyGenerate.label;"
-               class="text-link inline-link"
-               onclick="event.stopPropagation();
-                        gSyncSetup.onPassphraseGenerate();"/>
-      </hbox>
+      <label value="&syncKeyEntry.label;"
+             accesskey="&syncKeyEntry.accesskey;"
+             control="weavePassphrase"/>
       <textbox id="weavePassphrase"
-               onkeyup="gSyncSetup.onPassphraseChange()"
-               onchange="gSyncSetup.onPassphraseChange()"
-               onfocus="this.select();
-                        gSyncSetup.afterBackup();"/>
-
-      <vbox id="passphraseFeedback" pack="center">
-        <hbox id="passphraseFeedbackRow" hidden="true" align="center">
-          <spacer/>
-          <hbox>
-            <image class="statusIcon"/>
-            <label class="status" value=" "/>
-          </hbox>
-        </hbox>
-
-        <vbox id="passphraseStrengthRow" hidden="true" pack="end">
-          <hbox>
-            <label id="passphraseStrengthLabel"
-                   control="passphraseStrength"
-                   value="&syncKeyStrength.label;"/>
-            <progressmeter id="passphraseStrength"
-                           aria-labelledby="passphraseStrengthLabel"
-                           max="128"
-                           value="0"
-                           flex="1"/>
-          </hbox>
-          <hbox align="right" flex="1">
-            <label class="text-link inline-link"
-                   onclick="event.stopPropagation();
-                            gSyncUtils.openSyncKeyHelp();"
-                   value="&syncKeyHelp.label;"/>
-          </hbox>
-        </vbox>
-      </vbox>
+               readonly="true"
+               onfocus="this.select();"/>
     </groupbox>
 
     <groupbox align="center">
       <description>&syncKeyBackup.description;</description>
       <hbox>
         <button id="printSyncKeyButton"
                 label="&button.syncKeyBackup.print.label;"
                 accesskey="&button.syncKeyBackup.print.accesskey;"
-                oncommand="gSyncUtils.passphrasePrint('weavePassphrase');
-                           gSyncSetup.afterBackup();"/>
+                oncommand="gSyncUtils.passphrasePrint('weavePassphrase');"/>
         <button id="saveSyncKeyButton"
                 label="&button.syncKeyBackup.save.label;"
                 accesskey="&button.syncKeyBackup.save.accesskey;"
-                oncommand="gSyncUtils.passphraseSave('weavePassphrase');
-                           gSyncSetup.afterBackup();"/>
+                oncommand="gSyncUtils.passphraseSave('weavePassphrase');"/>
       </hbox>
     </groupbox>
   </wizardpage>
 
   <wizardpage label="&setup.captchaPage2.title.label;"
               onextra1="gSyncSetup.onSyncOptions()">
     <vbox flex="1" align="center">
       <browser height="150"
@@ -355,22 +314,23 @@
               <label value="&connecting.label;"/>
           </hbox>
           </row>
         </rows>
       </grid>
   </wizardpage>
 
   <wizardpage id="existingPassphraseEntry"
+              label="&setup.existingSyncKeyPage.title;"
               onextra1="gSyncSetup.onSyncOptions()"
-              label="&setup.existingSyncKeyPage.title;">
+              onpageshow="gSyncSetup.onPageShow()">
     <description>&setup.existingSyncKeyPage.description;</description>
     <textbox id="existingPassphrase"
-             onkeyup="gSyncSetup.checkFields(event)"
-             onchange="gSyncSetup.checkFields(event)"/>
+             onkeyup="gSyncSetup.onPassphraseKeyUp(event)"
+             onchange="gSyncSetup.checkFields()"/>
     <hbox id="passphrase-throbber" hidden="true">
       <image/>
       <label value="&verifying.label;"/>
     </hbox>
     <hbox align="left" id="existingPassphraseFeedbackBox">
       <spacer/>
       <hbox>
         <image class="statusIcon"/>
--- a/browser/base/content/syncUtils.js
+++ b/browser/base/content/syncUtils.js
@@ -100,65 +100,30 @@ let gSyncUtils = {
   openToS: function () {
     this._openLink(Weave.Svc.Prefs.get("termsURL"));
   },
 
   openPrivacyPolicy: function () {
     this._openLink(Weave.Svc.Prefs.get("privacyURL"));
   },
 
-  openSyncKeyHelp: function () {
-    this._openLink(Weave.Svc.Prefs.get("syncKeyHelpURL"));
-  },
-
   // xxxmpc - fix domain before 1.3 final (bug 583652)
   _baseURL: "http://www.mozilla.com/firefox/sync/",
 
   openFirstClientFirstrun: function () {
     let url = this._baseURL + "firstrun.html";
     this._openLink(url);
   },
 
   openAddedClientFirstrun: function () {
     let url = this._baseURL + "secondrun.html";
     this._openLink(url);
   },
 
   /**
-   * Generate 20 random characters a-z
-   */
-  generatePassphrase: function() {
-    let rng = Cc["@mozilla.org/security/random-generator;1"]
-                .createInstance(Ci.nsIRandomGenerator);
-    let bytes = rng.generateRandomBytes(20);
-    return [String.fromCharCode(97 + Math.floor(byte * 26 / 256))
-            for each (byte in bytes)].join("");
-  },
-
-  /**
-   * Hyphenate a 20 character passphrase in 4 groups of 5.
-   */
-  hyphenatePassphrase: function(passphrase) {
-    return passphrase.slice(0, 5) + '-'
-         + passphrase.slice(5, 10) + '-'
-         + passphrase.slice(10, 15) + '-'
-         + passphrase.slice(15, 20);
-  },
-
-  /**
-   * Remove hyphens as inserted by hyphenatePassphrase().
-   */
-  normalizePassphrase: function(pp) {
-    if (pp.length == 23 && pp[5] == '-' && pp[11] == '-' && pp[17] == '-')
-      return pp.slice(0, 5) + pp.slice(6, 11)
-           + pp.slice(12, 17) + pp.slice(18, 23);
-    return pp;
-  },
-
-  /**
    * Prepare an invisible iframe with the passphrase backup document.
    * Used by both the print and saving methods.
    *
    * @param elid : ID of the form element containing the passphrase.
    * @param callback : Function called once the iframe has loaded.
    */
   _preparePPiframe: function(elid, callback) {
     let pp = document.getElementById(elid).value;
@@ -279,41 +244,10 @@ let gSyncUtils = {
         valid = true;
       else if (val1.length < Weave.MIN_PASS_LENGTH)
         error = "change.password.tooShort";
       else if (val1 != val2)
         error = "change.password.mismatch";
     }
     let errorString = error ? Weave.Utils.getErrorString(error) : "";
     return [valid, errorString];
-  },
-
-  /**
-   * validatePassphrase
-   *
-   * @param el : the textbox element
-   * @param change : indicate whether this signifies a passphrase change
-   * 
-   * returns [valid, errorString]
-   */
-  validatePassphrase: function (el, change) {
-    let valid = false;
-    let val = el.value;
-    let error = "";
-
-    if (val.length < Weave.MIN_PP_LENGTH)
-      error = "change.synckey.tooShort";
-    else if (val == Weave.Service.username)
-      error = "change.synckey.sameAsUsername";
-    else if (val == Weave.Service.account)
-      error = "change.synckey.sameAsEmail";
-    else if (val == Weave.Service.password)
-      error = "change.synckey.sameAsPassword";
-    else if (change && val == Weave.Service.passphrase)
-      error = "change.synckey.sameAsSyncKey";
-    else
-      valid = true;
-
-    let errorString = error ? Weave.Utils.getErrorString(error) : "";
-    return [valid, errorString];
   }
-}
-
+};
--- a/browser/locales/en-US/chrome/browser/syncSetup.dtd
+++ b/browser/locales/en-US/chrome/browser/syncSetup.dtd
@@ -38,18 +38,16 @@
 <!ENTITY setup.tosAgree2.accesskey  "">
 
 <!-- New Account Page 2: Sync Key -->
 <!ENTITY setup.newSyncKeyPage.title.label "&brandShortName; Cares About Your Privacy">
 <!ENTITY setup.newSyncKeyPage.description.label "To ensure your total privacy, all of your data is encrypted prior to being uploaded. The Sync Key which is necessary to decrypt your data is not uploaded.">
 <!ENTITY syncKeyEntry.label        "Your Sync Key">
 <!ENTITY syncKeyEntry.accesskey    "K">
 <!ENTITY syncKeyGenerate.label     "Generate">
-<!ENTITY syncKeyStrength.label     "Strength:">
-<!ENTITY syncKeyHelp.label         "What does the strength mean?">
 <!ENTITY syncKeyBackup.description "Your Sync Key is required to access &syncBrand.fullName.label; on other machines. Please create a backup copy. We cannot help you recover your Sync Key.">
 
 <!ENTITY button.syncKeyBackup.print.label     "Print…">
 <!ENTITY button.syncKeyBackup.print.accesskey "P">
 <!ENTITY button.syncKeyBackup.save.label      "Save…">
 <!ENTITY button.syncKeyBackup.save.accesskey  "S">
 
 <!-- New Account Page 3: Captcha -->
--- a/browser/themes/gnomestripe/browser/syncCommon.css
+++ b/browser/themes/gnomestripe/browser/syncCommon.css
@@ -35,30 +35,11 @@ dialog#change-dialog {
 image#syncIcon {
   list-style-image: url("chrome://browser/skin/sync-32.png");
 }
 
 #introText {
   margin-top: 2px;
 }
 
-#feedback,
-#passphraseFeedback {
-  height: 4em;
-}
-
-#passphraseStrength {
-  -moz-appearance: none;
-  height: 10px;
-  margin: 4px 0;
+#feedback {
+  height: 2em;
 }
-
-#passphraseStrength > .progress-bar {
-  background-color: #ff0000;
-}
-
-#passphraseStrength.medium > .progress-bar {
-  background-color: #ffcc33;
-}
-
-#passphraseStrength.strong > .progress-bar {
-  background-color: #00ff00;
-}
--- a/browser/themes/pinstripe/browser/syncCommon.css
+++ b/browser/themes/pinstripe/browser/syncCommon.css
@@ -35,31 +35,11 @@ dialog#change-dialog {
 image#syncIcon {
   list-style-image: url("chrome://browser/skin/sync-32.png");
 }
 
 #introText {
   margin-top: 2px;
 }
 
-#feedback,
-#passphraseFeedback {
-  height: 4em;
-}
-
-#passphraseStrength {
-  -moz-binding: url("chrome://global/content/bindings/progressmeter.xml#progressmeter");
-  -moz-appearance: none;
-  height: 10px;
-  margin: 4px 0;
+#feedback {
+  height: 2em;
 }
-
-#passphraseStrength > .progress-bar {
-  background-color: #ff0000;
-}
-
-#passphraseStrength.medium > .progress-bar {
-  background-color: #ffcc33;
-}
-
-#passphraseStrength.strong > .progress-bar {
-  background-color: #00ff00;
-}
--- a/browser/themes/winstripe/browser/syncCommon.css
+++ b/browser/themes/winstripe/browser/syncCommon.css
@@ -35,30 +35,11 @@ dialog#change-dialog {
 image#syncIcon {
   list-style-image: url("chrome://browser/skin/sync-32.png");
 }
 
 #introText {
   margin-top: 2px;
 }
 
-#feedback,
-#passphraseFeedback {
-  height: 4em;
-}
-
-#passphraseStrength {
-  -moz-appearance: none;
-  height: 10px;
-  margin: 4px 0;
+#feedback {
+  height: 2em;
 }
-
-#passphraseStrength > .progress-bar {
-  background-color: #ff0000;
-}
-
-#passphraseStrength.medium > .progress-bar {
-  background-color: #ffcc33;
-}
-
-#passphraseStrength.strong > .progress-bar {
-  background-color: #00ff00;
-}