From 2924bdb35fea1c13ca886b319988c1e8cd4d12f0 Mon Sep 17 00:00:00 2001
From: Sergey Galich <sgalich@mozilla.com>
Date: Thu, 17 Feb 2022 17:29:57 +0000
Subject: [PATCH] Bug 1653486 - Replace all non-user-facing references to
 "master" password. r=dimi,tgiles,preferences-reviewers

Differential Revision: https://phabricator.services.mozilla.com/D138113
---
 browser/base/content/browser-sync.js          |  2 +-
 browser/base/content/nsContextMenu.js         |  2 +-
 browser/components/BrowserGlue.jsm            |  2 +-
 .../aboutlogins/AboutLoginsChild.jsm          | 26 ++++++------
 .../aboutlogins/AboutLoginsParent.jsm         | 20 ++++-----
 .../aboutlogins/content/aboutLogins.css       | 10 ++---
 .../aboutlogins/content/aboutLogins.html      |  2 +-
 .../aboutlogins/content/aboutLogins.js        |  6 +--
 .../aboutlogins/content/aboutLoginsUtils.js   |  4 +-
 .../content/components/login-item.js          | 20 ++++-----
 .../aboutlogins/tests/browser/browser.ini     |  2 +-
 ...Password.js => browser_primaryPassword.js} | 34 +++++++--------
 .../aboutlogins/tests/browser/head.js         |  6 +--
 .../tests/chrome/aboutlogins_common.js        |  4 +-
 .../tests/chrome/test_login_item.html         |  6 +--
 .../browser_policy_disable_masterpassword.js  |  6 +--
 .../browser/browser_policy_masterpassword.js  | 10 ++---
 ...owser_policy_masterpassword_aboutlogins.js |  2 +-
 .../payments/content/paymentDialogWrapper.js  |  6 +--
 .../components/preferences/fxaPairDevice.js   |  2 +-
 browser/components/preferences/privacy.js     |  8 ++--
 .../components/preferences/tests/browser.ini  |  2 +-
 ...password.js => browser_primaryPassword.js} | 42 +++++++++----------
 modules/libpref/init/all.js                   |  2 +-
 ...DB_export_pkcs12_with_primary_password.js} |  4 +-
 ...st_certDB_import_with_primary_password.js} |  4 +-
 security/manager/ssl/tests/unit/xpcshell.ini  |  4 +-
 services/sync/modules/constants.js            |  2 +-
 .../tests/mozmill-restart-example.ini         |  2 +-
 .../tests/browser/browser_auth_tokens.js      |  4 +-
 .../components/passwordmgr/LoginHelper.jsm    | 20 ++++-----
 .../components/passwordmgr/LoginManager.jsm   |  6 +--
 .../passwordmgr/LoginManagerAuthPrompter.jsm  |  4 +-
 .../passwordmgr/LoginManagerChild.jsm         | 42 +++++++++----------
 .../passwordmgr/LoginManagerParent.jsm        | 20 ++++-----
 .../passwordmgr/LoginManagerPrompter.jsm      |  6 +--
 toolkit/components/passwordmgr/crypto-SDR.js  | 18 ++++----
 .../passwordmgr/nsILoginManager.idl           | 12 +++---
 .../passwordmgr/nsILoginManagerCrypto.idl     | 10 ++---
 .../passwordmgr/nsILoginManagerStorage.idl    | 12 +++---
 .../components/passwordmgr/storage-json.js    | 14 +++----
 .../passwordmgr/test/LoginTestUtils.jsm       |  8 ++--
 .../passwordmgr/test/browser/browser.ini      |  2 +-
 ... browser_autocomplete_primary_password.js} | 16 +++----
 .../browser_autofill_hidden_document.js       | 22 +++++-----
 ...browser_context_menu_generated_password.js |  8 ++--
 .../browser_doorhanger_form_password_edit.js  |  4 +-
 .../browser/browser_doorhanger_toggles.js     | 18 ++++----
 .../passwordmgr/test/mochitest/mochitest.ini  |  4 +-
 .../test/mochitest/pwmgr_common.js            | 16 +++----
 .../test/mochitest/pwmgr_common_parent.js     |  6 +--
 ...ter_pass.html => subtst_primary_pass.html} |  0
 ...ssword.html => test_primary_password.html} | 24 +++++------
 ...nManagerPrompter_getUsernameSuggestions.js |  4 +-
 .../test/unit/test_logins_decrypt_failure.js  | 12 +++---
 55 files changed, 277 insertions(+), 277 deletions(-)
 rename browser/components/aboutlogins/tests/browser/{browser_masterPassword.js => browser_primaryPassword.js} (89%)
 rename browser/components/preferences/tests/{browser_masterpassword.js => browser_primaryPassword.js} (71%)
 rename security/manager/ssl/tests/unit/{test_certDB_export_pkcs12_with_master_password.js => test_certDB_export_pkcs12_with_primary_password.js} (98%)
 rename security/manager/ssl/tests/unit/{test_certDB_import_with_master_password.js => test_certDB_import_with_primary_password.js} (98%)
 rename toolkit/components/passwordmgr/test/browser/{browser_autocomplete_master_password.js => browser_autocomplete_primary_password.js} (88%)
 rename toolkit/components/passwordmgr/test/mochitest/{subtst_master_pass.html => subtst_primary_pass.html} (100%)
 rename toolkit/components/passwordmgr/test/mochitest/{test_master_password.html => test_primary_password.html} (94%)

diff --git a/browser/base/content/browser-sync.js b/browser/base/content/browser-sync.js
index 70163297fe2a..8bd7e0e21d2d 100644
--- a/browser/base/content/browser-sync.js
+++ b/browser/base/content/browser-sync.js
@@ -1223,7 +1223,7 @@ var gSync = {
         this.log.error(`Target ${target.id} unsuitable for send tab.`);
       }
     }
-    // If a master-password is enabled then it must be unlocked so FxA can get
+    // If a primary-password is enabled then it must be unlocked so FxA can get
     // the encryption keys from the login manager. (If we end up using the "sync"
     // fallback that would end up prompting by itself, but the FxA command route
     // will not) - so force that here.
diff --git a/browser/base/content/nsContextMenu.js b/browser/base/content/nsContextMenu.js
index df85af06ef71..40dd0d3c1a95 100644
--- a/browser/base/content/nsContextMenu.js
+++ b/browser/base/content/nsContextMenu.js
@@ -980,7 +980,7 @@ class nsContextMenu {
       }
       showManage = true;
 
-      // Disable the fill option if the user hasn't unlocked with their master password
+      // Disable the fill option if the user hasn't unlocked with their primary password
       // or if the password field or target field are disabled.
       // XXX: Bug 1529025 to maybe respect signon.rememberSignons.
       let loginFillInfo = this.contentData?.loginFillInfo;
diff --git a/browser/components/BrowserGlue.jsm b/browser/components/BrowserGlue.jsm
index 8da668521f86..1a08b59f2370 100644
--- a/browser/components/BrowserGlue.jsm
+++ b/browser/components/BrowserGlue.jsm
@@ -2828,7 +2828,7 @@ BrowserGlue.prototype = {
   _scheduleBestEffortUserIdleTasks() {
     const idleTasks = [
       () => {
-        // Telemetry for master-password - we do this after a delay as it
+        // Telemetry for primary-password - we do this after a delay as it
         // can cause IO if NSS/PSM has not already initialized.
         let tokenDB = Cc["@mozilla.org/security/pk11tokendb;1"].getService(
           Ci.nsIPK11TokenDB
diff --git a/browser/components/aboutlogins/AboutLoginsChild.jsm b/browser/components/aboutlogins/AboutLoginsChild.jsm
index f79416a450c0..95e4f24a580a 100644
--- a/browser/components/aboutlogins/AboutLoginsChild.jsm
+++ b/browser/components/aboutlogins/AboutLoginsChild.jsm
@@ -32,7 +32,7 @@ const TELEMETRY_MIN_MS_BETWEEN_OPEN_MANAGEMENT = 5000;
 
 let gLastOpenManagementBrowserId = null;
 let gLastOpenManagementEventTime = Number.NEGATIVE_INFINITY;
-let gMasterPasswordPromise;
+let gPrimaryPasswordPromise;
 
 function recordTelemetryEvent(event) {
   try {
@@ -144,26 +144,26 @@ class AboutLoginsChild extends JSWindowActorChild {
         Services.focus.setFocus(element, Services.focus.FLAG_BYKEY);
       },
       /**
-       * Shows the Master Password prompt if enabled, or the
+       * Shows the Primary Password prompt if enabled, or the
        * OS auth dialog otherwise.
        * @param resolve Callback that is called with result of authentication.
        * @param messageId The string ID that corresponds to a string stored in aboutLogins.ftl.
        *                  This string will be displayed only when the OS auth dialog is used.
        */
-      async promptForMasterPassword(resolve, messageId) {
-        gMasterPasswordPromise = {
+      async promptForPrimaryPassword(resolve, messageId) {
+        gPrimaryPasswordPromise = {
           resolve,
         };
 
         that.sendAsyncMessage("AboutLogins:PrimaryPasswordRequest", messageId);
 
-        return gMasterPasswordPromise;
+        return gPrimaryPasswordPromise;
       },
       fileImportEnabled: Services.prefs.getBoolPref(
         "signon.management.page.fileImport.enabled"
       ),
       // Default to enabled just in case a search is attempted before we get a response.
-      masterPasswordEnabled: true,
+      primaryPasswordEnabled: true,
       passwordRevealVisible: true,
     };
     waivedContent.AboutLoginsUtils = Cu.cloneInto(
@@ -283,8 +283,8 @@ class AboutLoginsChild extends JSWindowActorChild {
       case "AboutLogins:ImportReportData":
         this.onImportReportData(message.data);
         break;
-      case "AboutLogins:MasterPasswordResponse":
-        this.onMasterPasswordResponse(message.data);
+      case "AboutLogins:PrimaryPasswordResponse":
+        this.onPrimaryPasswordResponse(message.data);
         break;
       case "AboutLogins:RemaskPassword":
         this.onRemaskPassword(message.data);
@@ -301,9 +301,9 @@ class AboutLoginsChild extends JSWindowActorChild {
     this.sendToContent("ImportReportData", data);
   }
 
-  onMasterPasswordResponse(data) {
-    if (gMasterPasswordPromise) {
-      gMasterPasswordPromise.resolve(data.result);
+  onPrimaryPasswordResponse(data) {
+    if (gPrimaryPasswordPromise) {
+      gPrimaryPasswordPromise.resolve(data.result);
       recordTelemetryEvent(data.telemetryEvent);
     }
   }
@@ -314,8 +314,8 @@ class AboutLoginsChild extends JSWindowActorChild {
 
   onSetup(data) {
     let waivedContent = Cu.waiveXrays(this.browsingContext.window);
-    waivedContent.AboutLoginsUtils.masterPasswordEnabled =
-      data.masterPasswordEnabled;
+    waivedContent.AboutLoginsUtils.primaryPasswordEnabled =
+      data.primaryPasswordEnabled;
     waivedContent.AboutLoginsUtils.passwordRevealVisible =
       data.passwordRevealVisible;
     waivedContent.AboutLoginsUtils.importVisible = data.importVisible;
diff --git a/browser/components/aboutlogins/AboutLoginsParent.jsm b/browser/components/aboutlogins/AboutLoginsParent.jsm
index 1d0c71511e2b..e6fdb454fce4 100644
--- a/browser/components/aboutlogins/AboutLoginsParent.jsm
+++ b/browser/components/aboutlogins/AboutLoginsParent.jsm
@@ -61,7 +61,7 @@ XPCOMUtils.defineLazyGetter(this, "AboutLoginsL10n", () => {
 
 const ABOUT_LOGINS_ORIGIN = "about:logins";
 const AUTH_TIMEOUT_MS = 5 * 60 * 1000; // 5 minutes
-const MASTER_PASSWORD_NOTIFICATION_ID = "master-password-login-required";
+const PRIMARY_PASSWORD_NOTIFICATION_ID = "primary-password-login-required";
 
 // about:logins will always use the privileged content process,
 // even if it is disabled for other consumers such as about:newtab.
@@ -175,13 +175,13 @@ class AboutLoginsParent extends JSWindowActorParent {
 
   #createLogin(newLogin) {
     if (!Services.policies.isAllowed("removeMasterPassword")) {
-      if (!LoginHelper.isMasterPasswordSet()) {
+      if (!LoginHelper.isPrimaryPasswordSet()) {
         this.#ownerGlobal.openDialog(
           "chrome://mozapps/content/preferences/changemp.xhtml",
           "",
           "centerscreen,chrome,modal,titlebar"
         );
-        if (!LoginHelper.isMasterPasswordSet()) {
+        if (!LoginHelper.isPrimaryPasswordSet()) {
           return;
         }
       }
@@ -283,7 +283,7 @@ class AboutLoginsParent extends JSWindowActorParent {
       messageText.value,
       captionText.value
     );
-    this.sendAsyncMessage("AboutLogins:MasterPasswordResponse", {
+    this.sendAsyncMessage("AboutLogins:PrimaryPasswordResponse", {
       result: isAuthorized,
       telemetryEvent,
     });
@@ -324,7 +324,7 @@ class AboutLoginsParent extends JSWindowActorParent {
         logins,
         selectedSort,
         syncState,
-        masterPasswordEnabled: LoginHelper.isMasterPasswordSet(),
+        primaryPasswordEnabled: LoginHelper.isPrimaryPasswordSet(),
         passwordRevealVisible: Services.policies.isAllowed("passwordReveal"),
         importVisible:
           Services.policies.isAllowed("profileImport") &&
@@ -560,13 +560,13 @@ var AboutLogins = {
     }
 
     if (topic == "passwordmgr-crypto-login") {
-      this.removeNotifications(MASTER_PASSWORD_NOTIFICATION_ID);
+      this.removeNotifications(PRIMARY_PASSWORD_NOTIFICATION_ID);
       await this._reloadAllLogins();
       return;
     }
 
     if (topic == "passwordmgr-crypto-loginCanceled") {
-      this.showMasterPasswordLoginNotifications();
+      this.showPrimaryPasswordLoginNotifications();
       return;
     }
 
@@ -686,9 +686,9 @@ var AboutLogins = {
     await this._sendAllLoginRelatedObjects(logins);
   },
 
-  showMasterPasswordLoginNotifications() {
+  showPrimaryPasswordLoginNotifications() {
     this.showNotifications({
-      id: MASTER_PASSWORD_NOTIFICATION_ID,
+      id: PRIMARY_PASSWORD_NOTIFICATION_ID,
       priority: "PRIORITY_WARNING_MEDIUM",
       iconURL: "chrome://browser/skin/login.svg",
       messageId: "about-logins-primary-password-notification-message",
@@ -699,7 +699,7 @@ var AboutLogins = {
         },
       ],
     });
-    this.messageSubscribers("AboutLogins:MasterPasswordAuthRequired");
+    this.messageSubscribers("AboutLogins:PrimaryPasswordAuthRequired");
   },
 
   showNotifications({
diff --git a/browser/components/aboutlogins/content/aboutLogins.css b/browser/components/aboutlogins/content/aboutLogins.css
index 9f6df739a06e..0c96440ec996 100644
--- a/browser/components/aboutlogins/content/aboutLogins.css
+++ b/browser/components/aboutlogins/content/aboutLogins.css
@@ -73,17 +73,17 @@ login-item[data-editing="true"] + login-intro,
   visibility: hidden;
 }
 
-:root:not(.master-password-auth-required) #master-password-required-overlay {
+:root:not(.primary-password-auth-required) #primary-password-required-overlay {
   display: none;
 }
 
-.master-password-auth-required > body > header,
-.master-password-auth-required > body > login-list,
-.master-password-auth-required > body > section {
+.primary-password-auth-required > body > header,
+.primary-password-auth-required > body > login-list,
+.primary-password-auth-required > body > section {
   filter: blur(2px)
 }
 
-#master-password-required-overlay {
+#primary-password-required-overlay {
   z-index: 1;
   position: fixed;
   width: 100vw;
diff --git a/browser/components/aboutlogins/content/aboutLogins.html b/browser/components/aboutlogins/content/aboutLogins.html
index 74c852feba0c..ef0e02c2b0d6 100644
--- a/browser/components/aboutlogins/content/aboutLogins.html
+++ b/browser/components/aboutlogins/content/aboutLogins.html
@@ -47,7 +47,7 @@
     <remove-logins-dialog hidden></remove-logins-dialog>
     <import-summary-dialog hidden></import-summary-dialog>
     <import-error-dialog hidden></import-error-dialog>
-    <div id="master-password-required-overlay"></div>
+    <div id="primary-password-required-overlay"></div>
 
     <template id="confirmation-dialog-template">
       <link rel="stylesheet" href="chrome://global/skin/in-content/common.css">
diff --git a/browser/components/aboutlogins/content/aboutLogins.js b/browser/components/aboutlogins/content/aboutLogins.js
index 494ef5c7a15b..3e9374081dd6 100644
--- a/browser/components/aboutlogins/content/aboutLogins.js
+++ b/browser/components/aboutlogins/content/aboutLogins.js
@@ -53,7 +53,7 @@ window.addEventListener("AboutLoginsChromeToContent", event => {
   switch (event.detail.messageType) {
     case "AllLogins": {
       document.documentElement.classList.remove(
-        "master-password-auth-required"
+        "primary-password-auth-required"
       );
       setKeyboardAccessForNonDialogElements(true);
       handleAllLogins(event.detail.value);
@@ -94,8 +94,8 @@ window.addEventListener("AboutLoginsChromeToContent", event => {
       updateNoLogins();
       break;
     }
-    case "MasterPasswordAuthRequired": {
-      document.documentElement.classList.add("master-password-auth-required");
+    case "PrimaryPasswordAuthRequired": {
+      document.documentElement.classList.add("primary-password-auth-required");
       setKeyboardAccessForNonDialogElements(false);
       break;
     }
diff --git a/browser/components/aboutlogins/content/aboutLoginsUtils.js b/browser/components/aboutlogins/content/aboutLoginsUtils.js
index 86821540b05b..150f1b18e396 100644
--- a/browser/components/aboutlogins/content/aboutLoginsUtils.js
+++ b/browser/components/aboutlogins/content/aboutLoginsUtils.js
@@ -49,9 +49,9 @@ export function setKeyboardAccessForNonDialogElements(enableKeyboardAccess) {
   });
 }
 
-export function promptForMasterPassword(messageId) {
+export function promptForPrimaryPassword(messageId) {
   return new Promise(resolve => {
-    window.AboutLoginsUtils.promptForMasterPassword(resolve, messageId);
+    window.AboutLoginsUtils.promptForPrimaryPassword(resolve, messageId);
   });
 }
 
diff --git a/browser/components/aboutlogins/content/components/login-item.js b/browser/components/aboutlogins/content/components/login-item.js
index 9924dd11f63f..2b4805a57a04 100644
--- a/browser/components/aboutlogins/content/components/login-item.js
+++ b/browser/components/aboutlogins/content/components/login-item.js
@@ -4,7 +4,7 @@
 
 import {
   recordTelemetryEvent,
-  promptForMasterPassword,
+  promptForPrimaryPassword,
 } from "../aboutLoginsUtils.js";
 
 export default class LoginItem extends HTMLElement {
@@ -232,7 +232,7 @@ export default class LoginItem extends HTMLElement {
     if (this._login.password) {
       // We use .value instead of .defaultValue since the latter updates the
       // content attribute making the password easily viewable with Inspect
-      // Element even when Master Password is enabled. This is only run when
+      // Element even when Primary Password is enabled. This is only run when
       // the password is non-empty since setting the field to an empty value
       // would mark the field as 'dirty' for form validation and thus trigger
       // the error styling since the password field is 'required'.
@@ -351,12 +351,12 @@ export default class LoginItem extends HTMLElement {
       case "click": {
         let classList = event.currentTarget.classList;
         if (classList.contains("reveal-password-checkbox")) {
-          // We prompt for the master password when entering edit mode already.
+          // We prompt for the primary password when entering edit mode already.
           if (this._revealCheckbox.checked && !this.dataset.editing) {
-            let masterPasswordAuth = await promptForMasterPassword(
+            let primaryPasswordAuth = await promptForPrimaryPassword(
               "about-logins-reveal-password-os-auth-dialog-message"
             );
-            if (!masterPasswordAuth) {
+            if (!primaryPasswordAuth) {
               this._revealCheckbox.checked = false;
               return;
             }
@@ -403,10 +403,10 @@ export default class LoginItem extends HTMLElement {
               ? this._copyUsernameButton
               : this._copyPasswordButton;
           if (copyButton.dataset.copyLoginProperty == "password") {
-            let masterPasswordAuth = await promptForMasterPassword(
+            let primaryPasswordAuth = await promptForPrimaryPassword(
               "about-logins-copy-password-os-auth-dialog-message"
             );
-            if (!masterPasswordAuth) {
+            if (!primaryPasswordAuth) {
               return;
             }
           }
@@ -458,10 +458,10 @@ export default class LoginItem extends HTMLElement {
           return;
         }
         if (classList.contains("edit-button")) {
-          let masterPasswordAuth = await promptForMasterPassword(
+          let primaryPasswordAuth = await promptForPrimaryPassword(
             "about-logins-edit-login-os-auth-dialog-message"
           );
-          if (!masterPasswordAuth) {
+          if (!primaryPasswordAuth) {
             return;
           }
 
@@ -884,7 +884,7 @@ export default class LoginItem extends HTMLElement {
     this._passwordInput.type = inputType;
 
     // Swap which <input> is in the document depending on whether we need the
-    // real .value (which means that the master password was already entered,
+    // real .value (which means that the primary password was already entered,
     // if applicable)
     if (checked || this.dataset.editing) {
       this._passwordDisplayInput.replaceWith(this._passwordInput);
diff --git a/browser/components/aboutlogins/tests/browser/browser.ini b/browser/components/aboutlogins/tests/browser/browser.ini
index 0c6ece3db39b..fc21460f983b 100644
--- a/browser/components/aboutlogins/tests/browser/browser.ini
+++ b/browser/components/aboutlogins/tests/browser/browser.ini
@@ -29,7 +29,7 @@ skip-if = debug # Bug 1577710
 [browser_loginListChanges.js]
 [browser_loginSortOrderRestored.js]
 skip-if = os == 'linux' && bits == 64 && os_version == '18.04' # Bug 1587625; Bug 1587626 for linux1804
-[browser_masterPassword.js]
+[browser_primaryPassword.js]
 skip-if =
     (os == 'linux') # bug 1569789
 [browser_noLoginsView.js]
diff --git a/browser/components/aboutlogins/tests/browser/browser_masterPassword.js b/browser/components/aboutlogins/tests/browser/browser_primaryPassword.js
similarity index 89%
rename from browser/components/aboutlogins/tests/browser/browser_masterPassword.js
rename to browser/components/aboutlogins/tests/browser/browser_primaryPassword.js
index 26f79d16f13d..6bd89b6ad9db 100644
--- a/browser/components/aboutlogins/tests/browser/browser_masterPassword.js
+++ b/browser/components/aboutlogins/tests/browser/browser_primaryPassword.js
@@ -21,14 +21,14 @@ add_task(async function setup() {
   await addLogin(TEST_LOGIN1);
   registerCleanupFunction(() => {
     Services.logins.removeAllUserFacingLogins();
-    LoginTestUtils.masterPassword.disable();
+    LoginTestUtils.primaryPassword.disable();
   });
 });
 
 add_task(async function test() {
   // Confirm that the mocking of the OS auth dialog isn't enabled so the
   // test will timeout if a real OS auth dialog is shown. We don't show
-  // the OS auth dialog when Master Password is enabled.
+  // the OS auth dialog when Primary Password is enabled.
   is(
     Services.prefs.getStringPref(
       "toolkit.osKeyStore.unofficialBuildOnlyLogin",
@@ -37,7 +37,7 @@ add_task(async function test() {
     "",
     "Pref should be set to default value of empty string to start the test"
   );
-  LoginTestUtils.masterPassword.enable();
+  LoginTestUtils.primaryPassword.enable();
 
   let mpDialogShown = forceAuthTimeoutAndWaitForMPDialog("cancel");
   await BrowserTestUtils.openNewForegroundTab({
@@ -59,13 +59,13 @@ add_task(async function test() {
     () =>
       (notification = gBrowser
         .getNotificationBox()
-        .getNotificationWithValue("master-password-login-required")),
-    "waiting for master-password-login-required notification"
+        .getNotificationWithValue("primary-password-login-required")),
+    "waiting for primary-password-login-required notification"
   );
 
   ok(
     notification,
-    "master-password-login-required notification should be visible"
+    "primary-password-login-required notification should be visible"
   );
 
   let buttons = notification.buttonContainer.querySelectorAll(
@@ -74,7 +74,7 @@ add_task(async function test() {
   is(buttons.length, 1, "Should have one button.");
 
   let refreshPromise = BrowserTestUtils.browserLoaded(browser);
-  // Sign in with the Master Password this time the dialog is shown
+  // Sign in with the Primary Password this time the dialog is shown
   mpDialogShown = forceAuthTimeoutAndWaitForMPDialog("authenticate");
   // Click the button to reload the page.
   buttons[0].click();
@@ -82,7 +82,7 @@ add_task(async function test() {
   info("Page reloaded");
 
   await mpDialogShown;
-  info("Master Password dialog shown and authenticated");
+  info("Primary Password dialog shown and authenticated");
 
   logins = await waitForLoginCountToReach(browser, 1);
   is(logins, 1, "Logins should be displayed when MP is set and authenticated");
@@ -97,7 +97,7 @@ add_task(async function test() {
     copyButton.click();
   });
   await mpDialogShown;
-  info("Master Password dialog shown and canceled");
+  info("Primary Password dialog shown and canceled");
   mpDialogShown = forceAuthTimeoutAndWaitForMPDialog("authenticate");
   info("Clicking copy password button again");
   await SpecialPowers.spawn(gBrowser.selectedBrowser, [], async function() {
@@ -108,7 +108,7 @@ add_task(async function test() {
     copyButton.click();
   });
   await mpDialogShown;
-  info("Master Password dialog shown and authenticated");
+  info("Primary Password dialog shown and authenticated");
   await SpecialPowers.spawn(browser, [], async function() {
     let loginItem = content.document.querySelector("login-item");
     let copyButton = loginItem.shadowRoot.querySelector(
@@ -130,7 +130,7 @@ add_task(async function test() {
     revealCheckbox.click();
   });
   await mpDialogShown;
-  info("Master Password dialog shown and canceled");
+  info("Primary Password dialog shown and canceled");
   await SpecialPowers.spawn(gBrowser.selectedBrowser, [], async function() {
     let loginItem = content.document.querySelector("login-item");
     let revealCheckbox = loginItem.shadowRoot.querySelector(
@@ -150,7 +150,7 @@ add_task(async function test() {
     revealCheckbox.click();
   });
   await mpDialogShown;
-  info("Master Password dialog shown and authenticated");
+  info("Primary Password dialog shown and authenticated");
   await SpecialPowers.spawn(gBrowser.selectedBrowser, [], async function() {
     let loginItem = content.document.querySelector("login-item");
     let revealCheckbox = loginItem.shadowRoot.querySelector(
@@ -212,9 +212,9 @@ add_task(async function test() {
       "login-list should show all results since the filter is empty"
     );
   });
-  LoginTestUtils.masterPassword.disable();
+  LoginTestUtils.primaryPassword.disable();
   await SpecialPowers.spawn(gBrowser.selectedBrowser, [], async function() {
-    Cu.waiveXrays(content).AboutLoginsUtils.masterPasswordEnabled = false;
+    Cu.waiveXrays(content).AboutLoginsUtils.primaryPasswordEnabled = false;
     let loginFilter = Cu.waiveXrays(
       content.document.querySelector("login-filter")
     );
@@ -235,7 +235,7 @@ add_task(async function test() {
 add_task(async function test_login_item_after_successful_auth() {
   // Confirm that the mocking of the OS auth dialog isn't enabled so the
   // test will timeout if a real OS auth dialog is shown. We don't show
-  // the OS auth dialog when Master Password is enabled.
+  // the OS auth dialog when Primary Password is enabled.
   is(
     Services.prefs.getStringPref(
       "toolkit.osKeyStore.unofficialBuildOnlyLogin",
@@ -244,7 +244,7 @@ add_task(async function test_login_item_after_successful_auth() {
     "",
     "Pref should be set to default value of empty string to start the test"
   );
-  LoginTestUtils.masterPassword.enable();
+  LoginTestUtils.primaryPassword.enable();
 
   let mpDialogShown = forceAuthTimeoutAndWaitForMPDialog("authenticate");
   await BrowserTestUtils.openNewForegroundTab({
@@ -264,6 +264,6 @@ add_task(async function test_login_item_after_successful_auth() {
     );
   });
 
-  LoginTestUtils.masterPassword.disable();
+  LoginTestUtils.primaryPassword.disable();
   BrowserTestUtils.removeTab(gBrowser.selectedTab);
 });
diff --git a/browser/components/aboutlogins/tests/browser/head.js b/browser/components/aboutlogins/tests/browser/head.js
index a78e4cab1f5c..a39a8a67fd53 100644
--- a/browser/components/aboutlogins/tests/browser/head.js
+++ b/browser/components/aboutlogins/tests/browser/head.js
@@ -170,7 +170,7 @@ add_task(async function setup_head() {
 });
 
 /**
- * Waits for the master password prompt and performs an action.
+ * Waits for the primary password prompt and performs an action.
  * @param {string} action Set to "authenticate" to log in or "cancel" to
  *        close the dialog without logging in.
  */
@@ -183,10 +183,10 @@ function waitForMPDialog(action) {
   return dialogShown.then(function([subject]) {
     let dialog = subject.Dialog;
     let expected = "Password Required - " + BRAND_FULL_NAME;
-    is(dialog.args.title, expected, "Dialog is the Master Password dialog");
+    is(dialog.args.title, expected, "Dialog is the Primary Password dialog");
     if (action == "authenticate") {
       SpecialPowers.wrap(dialog.ui.password1Textbox).setUserInput(
-        LoginTestUtils.masterPassword.masterPassword
+        LoginTestUtils.primaryPassword.primaryPassword
       );
       dialog.ui.button0.click();
     } else if (action == "cancel") {
diff --git a/browser/components/aboutlogins/tests/chrome/aboutlogins_common.js b/browser/components/aboutlogins/tests/chrome/aboutlogins_common.js
index 4beb2197cd15..ff60c41aa0bc 100644
--- a/browser/components/aboutlogins/tests/chrome/aboutlogins_common.js
+++ b/browser/components/aboutlogins/tests/chrome/aboutlogins_common.js
@@ -79,7 +79,7 @@ Object.defineProperty(window, "AboutLoginsUtils", {
     setFocus(element) {
       return element.focus();
     },
-    async promptForMasterPassword(resolve, messageId) {
+    async promptForPrimaryPassword(resolve, messageId) {
       resolve(true);
     },
     doLoginsMatch(login1, login2) {
@@ -92,6 +92,6 @@ Object.defineProperty(window, "AboutLoginsUtils", {
     fileImportEnabled: SpecialPowers.getBoolPref(
       "signon.management.page.fileImport.enabled"
     ),
-    masterPasswordEnabled: false,
+    primaryPasswordEnabled: false,
   },
 });
diff --git a/browser/components/aboutlogins/tests/chrome/test_login_item.html b/browser/components/aboutlogins/tests/chrome/test_login_item.html
index 287c6ac67368..f08ee091048c 100644
--- a/browser/components/aboutlogins/tests/chrome/test_login_item.html
+++ b/browser/components/aboutlogins/tests/chrome/test_login_item.html
@@ -256,7 +256,7 @@ add_task(async function test_reveal_password_change_selected_login() {
   revealCheckbox.click();
   ok(revealCheckbox.checked, "reveal-checkbox should be checked after clicking");
   await SimpleTest.promiseWaitForCondition(() => passwordInput.type == "text",
-    "waiting for password input type to change after checking for master password");
+    "waiting for password input type to change after checking for primary password");
   is(passwordInput.type, "text", "Password should be unmasked when checkbox is clicked");
   ok(!isHidden(passwordInput), "Password input should be visible");
 
@@ -433,7 +433,7 @@ add_task(async function test_copy_button_state() {
 
   copyPasswordButton.click();
   await SimpleTest.promiseWaitForCondition(() => copyPasswordButton.disabled,
-  "waiting for copy-password-button to become disabled after checking for master password");
+  "waiting for copy-password-button to become disabled after checking for primary password");
 
   ok(copyPasswordButton.disabled, "The copy-passwoed-button should be disabled when it is clicked");
   ok(!copyUsernameButton.disabled, "The copy-username-button should be enabled when the copy-password-button is clicked");
@@ -446,7 +446,7 @@ add_task(async function test_copy_button_state() {
 
   copyPasswordButton.click();
   await SimpleTest.promiseWaitForCondition(() => copyPasswordButton.disabled,
-  "waiting for copy-password-button to become disabled after checking for master password");
+  "waiting for copy-password-button to become disabled after checking for primary password");
 
   ok(copyPasswordButton.disabled, "The copy-passwoed-button should be disabled when it is clicked");
   ok(copyUsernameButton.disabled, "The copy-username-button should still be disabled after clicking the password button when the username is empty");
diff --git a/browser/components/enterprisepolicies/tests/browser/browser_policy_disable_masterpassword.js b/browser/components/enterprisepolicies/tests/browser/browser_policy_disable_masterpassword.js
index 779a0285d8ab..d9b3f3da62a9 100644
--- a/browser/components/enterprisepolicies/tests/browser/browser_policy_disable_masterpassword.js
+++ b/browser/components/enterprisepolicies/tests/browser/browser_policy_disable_masterpassword.js
@@ -61,7 +61,7 @@ async function checkAboutPreferences({ checkboxIsDisabled }) {
 add_task(async function test_policy_disable_masterpassword() {
   ok(!mpToken.hasPassword, "Starting the test with no password");
 
-  // No password and no policy: access to setting a master password
+  // No password and no policy: access to setting a primary password
   // should be enabled.
   await checkDeviceManager({ buttonIsDisabled: false });
   await checkAboutPreferences({ checkboxIsDisabled: false });
@@ -73,14 +73,14 @@ add_task(async function test_policy_disable_masterpassword() {
   });
 
   // With the `DisableMasterPasswordCreation: true` policy active, the
-  // UI entry points for creating a Master Password should be disabled.
+  // UI entry points for creating a Primary Password should be disabled.
   await checkDeviceManager({ buttonIsDisabled: true });
   await checkAboutPreferences({ checkboxIsDisabled: true });
 
   mpToken.changePassword("", MASTER_PASSWORD);
   ok(mpToken.hasPassword, "Master password was set");
 
-  // If a Master Password is already set, there's no point in disabling
+  // If a Primary Password is already set, there's no point in disabling
   // the
   await checkDeviceManager({ buttonIsDisabled: false });
   await checkAboutPreferences({ checkboxIsDisabled: false });
diff --git a/browser/components/enterprisepolicies/tests/browser/browser_policy_masterpassword.js b/browser/components/enterprisepolicies/tests/browser/browser_policy_masterpassword.js
index 3505215eea2b..96440a61ca26 100644
--- a/browser/components/enterprisepolicies/tests/browser/browser_policy_masterpassword.js
+++ b/browser/components/enterprisepolicies/tests/browser/browser_policy_masterpassword.js
@@ -15,7 +15,7 @@ add_task(async function test_policy_masterpassword_set() {
     },
   });
 
-  LoginTestUtils.masterPassword.enable();
+  LoginTestUtils.primaryPassword.enable();
 
   await BrowserTestUtils.withNewTab(
     "about:preferences#privacy",
@@ -28,7 +28,7 @@ add_task(async function test_policy_masterpassword_set() {
     }
   );
 
-  LoginTestUtils.masterPassword.disable();
+  LoginTestUtils.primaryPassword.disable();
 });
 
 // Test that password can't be removed in changemp.xhtml
@@ -39,7 +39,7 @@ add_task(async function test_policy_nochangemp() {
     },
   });
 
-  LoginTestUtils.masterPassword.enable();
+  LoginTestUtils.primaryPassword.enable();
 
   let changeMPWindow = window.openDialog(
     "chrome://mozapps/content/preferences/changemp.xhtml",
@@ -55,7 +55,7 @@ add_task(async function test_policy_nochangemp() {
   );
 
   changeMPWindow.document.getElementById("oldpw").value =
-    LoginTestUtils.masterPassword.masterPassword;
+    LoginTestUtils.primaryPassword.masterPassword;
 
   is(
     changeMPWindow.document.getElementById("changemp").getButton("accept")
@@ -66,7 +66,7 @@ add_task(async function test_policy_nochangemp() {
 
   await BrowserTestUtils.closeWindow(changeMPWindow);
 
-  LoginTestUtils.masterPassword.disable();
+  LoginTestUtils.primaryPassword.disable();
 });
 
 // Test that admin message shows
diff --git a/browser/components/enterprisepolicies/tests/browser/browser_policy_masterpassword_aboutlogins.js b/browser/components/enterprisepolicies/tests/browser/browser_policy_masterpassword_aboutlogins.js
index 60bd5fcfd962..eb546cb32e86 100644
--- a/browser/components/enterprisepolicies/tests/browser/browser_policy_masterpassword_aboutlogins.js
+++ b/browser/components/enterprisepolicies/tests/browser/browser_policy_masterpassword_aboutlogins.js
@@ -13,7 +13,7 @@ ChromeUtils.defineModuleGetter(
   "resource://testing-common/TestUtils.jsm"
 );
 
-// Test that create in about:logins asks for master password
+// Test that create in about:logins asks for primary password
 add_task(async function test_policy_admin() {
   await setupPolicyEngineWithJson({
     policies: {
diff --git a/browser/components/payments/content/paymentDialogWrapper.js b/browser/components/payments/content/paymentDialogWrapper.js
index 6bc51933496a..1afcf74782ca 100644
--- a/browser/components/payments/content/paymentDialogWrapper.js
+++ b/browser/components/payments/content/paymentDialogWrapper.js
@@ -209,7 +209,7 @@ var paymentDialogWrapper = {
    * @param {string} cardSecurityCode The associated card security code (CVV/CCV/etc.)
    * @throws If there is an error decrypting
    * @returns {nsIBasicCardResponseData?} returns response data or null (if the
-   *                                      master password dialog was cancelled);
+   *                                      primary password dialog was cancelled);
    */
   async _convertProfileBasicCardToPaymentMethodData(guid, cardSecurityCode) {
     let cardData =
@@ -229,7 +229,7 @@ var paymentDialogWrapper = {
       if (ex.result != Cr.NS_ERROR_ABORT) {
         throw ex;
       }
-      // User canceled master password entry
+      // User canceled primary password entry
       return null;
     }
 
@@ -657,7 +657,7 @@ var paymentDialogWrapper = {
 
     if (!methodData) {
       // TODO (Bug 1429265/Bug 1429205): Handle when a user hits cancel on the
-      // Master Password dialog.
+      // Primary Password dialog.
       Cu.reportError(
         "Bug 1429265/Bug 1429205: User canceled master password entry"
       );
diff --git a/browser/components/preferences/fxaPairDevice.js b/browser/components/preferences/fxaPairDevice.js
index 36a698e4d3b1..a37f5bbcd215 100644
--- a/browser/components/preferences/fxaPairDevice.js
+++ b/browser/components/preferences/fxaPairDevice.js
@@ -42,7 +42,7 @@ var gFxaPairDeviceDialog = {
           .getElementById("connect-another-device-link")
           .setAttribute("href", connectURI);
       });
-    // We let the modal show itself before eventually showing a master-password dialog later.
+    // We let the modal show itself before eventually showing a primary-password dialog later.
     Services.tm.dispatchToMainThread(() => this.startPairingFlow());
   },
 
diff --git a/browser/components/preferences/privacy.js b/browser/components/preferences/privacy.js
index 24fc5ebf3140..a16c2c33822a 100644
--- a/browser/components/preferences/privacy.js
+++ b/browser/components/preferences/privacy.js
@@ -2253,7 +2253,7 @@ var gPrivacyPane = {
    * the UI for it can't be controlled by the normal preference bindings.
    */
   _initMasterPasswordUI() {
-    var noMP = !LoginHelper.isMasterPasswordSet();
+    var noMP = !LoginHelper.isPrimaryPasswordSet();
 
     var button = document.getElementById("changeMasterPassword");
     button.disabled = noMP;
@@ -2317,13 +2317,13 @@ var gPrivacyPane = {
   },
 
   /**
-   * Displays a dialog in which the master password may be changed.
+   * Displays a dialog in which the primary password may be changed.
    */
   async changeMasterPassword() {
-    // Require OS authentication before the user can set a Master Password.
+    // Require OS authentication before the user can set a Primary Password.
     // OS reauthenticate functionality is not available on Linux yet (bug 1527745)
     if (
-      !LoginHelper.isMasterPasswordSet() &&
+      !LoginHelper.isPrimaryPasswordSet() &&
       OS_AUTH_ENABLED &&
       OSKeyStore.canReauth()
     ) {
diff --git a/browser/components/preferences/tests/browser.ini b/browser/components/preferences/tests/browser.ini
index 48762df6f864..50b18b53d87a 100644
--- a/browser/components/preferences/tests/browser.ini
+++ b/browser/components/preferences/tests/browser.ini
@@ -85,7 +85,7 @@ skip-if = tsan || ccov && (os == 'linux' || os == 'win') # Linux: bug 1613530, W
 skip-if = tsan || (!debug && os == 'win') # Bug 1518370
 [browser_layersacceleration.js]
 [browser_localSearchShortcuts.js]
-[browser_masterpassword.js]
+[browser_primaryPassword.js]
 [browser_newtab_menu.js]
 [browser_notifications_do_not_disturb.js]
 [browser_open_download_preferences.js]
diff --git a/browser/components/preferences/tests/browser_masterpassword.js b/browser/components/preferences/tests/browser_primaryPassword.js
similarity index 71%
rename from browser/components/preferences/tests/browser_masterpassword.js
rename to browser/components/preferences/tests/browser_primaryPassword.js
index 52bb8a473ba8..8b9d205510ed 100644
--- a/browser/components/preferences/tests/browser_masterpassword.js
+++ b/browser/components/preferences/tests/browser_primaryPassword.js
@@ -23,15 +23,15 @@ add_task(async function() {
     open(aDialogURL, { closingCallback: aCallback }) {
       dialogOpened = true;
       dialogURL = aDialogURL;
-      masterPasswordSet = masterPasswordNextState;
+      primaryPasswordSet = primaryPasswordNextState;
       aCallback();
     },
   }));
 
-  let masterPasswordSet = false;
+  let primaryPasswordSet = false;
   win.LoginHelper = {
-    isMasterPasswordSet() {
-      return masterPasswordSet;
+    isPrimaryPasswordSet() {
+      return primaryPasswordSet;
     },
   };
 
@@ -39,12 +39,12 @@ add_task(async function() {
   checkbox.scrollIntoView();
   ok(
     !checkbox.checked,
-    "master password checkbox should be unchecked by default"
+    "primary password checkbox should be unchecked by default"
   );
   let button = doc.getElementById("changeMasterPassword");
-  ok(button.disabled, "master password button should be disabled by default");
+  ok(button.disabled, "primary password button should be disabled by default");
 
-  let masterPasswordNextState = false;
+  let primaryPasswordNextState = false;
   if (OSKeyStoreTestUtils.canTestOSKeyStoreLogin() && OSKeyStore.canReauth()) {
     let osAuthDialogShown = OSKeyStoreTestUtils.waitForOSKeyStoreLogin(false);
     checkbox.click();
@@ -61,12 +61,12 @@ add_task(async function() {
     );
     ok(
       !checkbox.checked,
-      "master password checkbox should be unchecked after canceling os auth dialog"
+      "primary password checkbox should be unchecked after canceling os auth dialog"
     );
     ok(button.disabled, "button should be disabled after canceling os auth");
   }
 
-  masterPasswordNextState = true;
+  primaryPasswordNextState = true;
   if (OSKeyStoreTestUtils.canTestOSKeyStoreLogin() && OSKeyStore.canReauth()) {
     let osAuthDialogShown = OSKeyStoreTestUtils.waitForOSKeyStoreLogin(true);
     checkbox.click();
@@ -80,18 +80,18 @@ add_task(async function() {
     is(
       dialogURL,
       "chrome://mozapps/content/preferences/changemp.xhtml",
-      "clicking on the checkbox should open the masterpassword dialog"
+      "clicking on the checkbox should open the primary password dialog"
     );
   } else {
-    masterPasswordSet = true;
+    primaryPasswordSet = true;
     doc.defaultView.gPrivacyPane._initMasterPasswordUI();
     await TestUtils.waitForCondition(
       () => !button.disabled,
-      "waiting for master password button to get enabled"
+      "waiting for primary password button to get enabled"
     );
   }
-  ok(!button.disabled, "master password button should now be enabled");
-  ok(checkbox.checked, "master password checkbox should be checked now");
+  ok(!button.disabled, "primary password button should now be enabled");
+  ok(checkbox.checked, "primary password checkbox should be checked now");
 
   dialogURL = "";
   button.doCommand();
@@ -102,10 +102,10 @@ add_task(async function() {
   is(
     dialogURL,
     "chrome://mozapps/content/preferences/changemp.xhtml",
-    "clicking on the button should open the masterpassword dialog"
+    "clicking on the button should open the primary password dialog"
   );
-  ok(!button.disabled, "master password button should still be enabled");
-  ok(checkbox.checked, "master password checkbox should be checked still");
+  ok(!button.disabled, "primary password button should still be enabled");
+  ok(checkbox.checked, "primary password checkbox should be checked still");
 
   // Confirm that we won't automatically respond to the dialog,
   // since we don't expect a dialog here, we want the test to fail if one appears.
@@ -118,16 +118,16 @@ add_task(async function() {
     "Pref should be set to an empty string"
   );
 
-  masterPasswordNextState = false;
+  primaryPasswordNextState = false;
   dialogURL = "";
   checkbox.click();
   is(
     dialogURL,
     "chrome://mozapps/content/preferences/removemp.xhtml",
-    "clicking on the checkbox to uncheck master password should show the removal dialog"
+    "clicking on the checkbox to uncheck primary password should show the removal dialog"
   );
-  ok(button.disabled, "master password button should now be disabled");
-  ok(!checkbox.checked, "master password checkbox should now be unchecked");
+  ok(button.disabled, "primary password button should now be disabled");
+  ok(!checkbox.checked, "primary password checkbox should now be unchecked");
 
   BrowserTestUtils.removeTab(gBrowser.selectedTab);
 });
diff --git a/modules/libpref/init/all.js b/modules/libpref/init/all.js
index 890c82e90d3f..d9f183a988aa 100644
--- a/modules/libpref/init/all.js
+++ b/modules/libpref/init/all.js
@@ -3650,7 +3650,7 @@ pref("signon.relatedRealms.enabled", false);
 
 pref("signon.schemeUpgrades",                     true);
 pref("signon.includeOtherSubdomainsInLookup",     true);
-// This temporarily prevents the master password to reprompt for autocomplete.
+// This temporarily prevents the primary password to reprompt for autocomplete.
 pref("signon.masterPasswordReprompt.timeout_ms", 900000); // 15 Minutes
 pref("signon.showAutoCompleteFooter",             false);
 pref("signon.showAutoCompleteOrigins",            true);
diff --git a/security/manager/ssl/tests/unit/test_certDB_export_pkcs12_with_master_password.js b/security/manager/ssl/tests/unit/test_certDB_export_pkcs12_with_primary_password.js
similarity index 98%
rename from security/manager/ssl/tests/unit/test_certDB_export_pkcs12_with_master_password.js
rename to security/manager/ssl/tests/unit/test_certDB_export_pkcs12_with_primary_password.js
index 598d159c95f9..25f4ab58bf66 100644
--- a/security/manager/ssl/tests/unit/test_certDB_export_pkcs12_with_master_password.js
+++ b/security/manager/ssl/tests/unit/test_certDB_export_pkcs12_with_primary_password.js
@@ -4,7 +4,7 @@
 "use strict";
 
 // Tests exporting a certificate and key as a PKCS#12 blob if the user has a
-// master password set.
+// primary password set.
 
 do_get_profile();
 
@@ -66,7 +66,7 @@ function run_test() {
     MockRegistrar.unregister(promptFactoryCID);
   });
 
-  // Set a master password.
+  // Set a primary password.
   let tokenDB = Cc["@mozilla.org/security/pk11tokendb;1"].getService(
     Ci.nsIPK11TokenDB
   );
diff --git a/security/manager/ssl/tests/unit/test_certDB_import_with_master_password.js b/security/manager/ssl/tests/unit/test_certDB_import_with_primary_password.js
similarity index 98%
rename from security/manager/ssl/tests/unit/test_certDB_import_with_master_password.js
rename to security/manager/ssl/tests/unit/test_certDB_import_with_primary_password.js
index e31dc605b866..ab1ad36fd2ab 100644
--- a/security/manager/ssl/tests/unit/test_certDB_import_with_master_password.js
+++ b/security/manager/ssl/tests/unit/test_certDB_import_with_primary_password.js
@@ -3,7 +3,7 @@
 // http://creativecommons.org/publicdomain/zero/1.0/
 "use strict";
 
-// Tests that a CA certificate can still be imported if the user has a master
+// Tests that a CA certificate can still be imported if the user has a primary
 // password set.
 
 do_get_profile();
@@ -106,7 +106,7 @@ function run_test() {
     MockRegistrar.unregister(certificateDialogsCID);
   });
 
-  // Set a master password.
+  // Set a primary password.
   let tokenDB = Cc["@mozilla.org/security/pk11tokendb;1"].getService(
     Ci.nsIPK11TokenDB
   );
diff --git a/security/manager/ssl/tests/unit/xpcshell.ini b/security/manager/ssl/tests/unit/xpcshell.ini
index d88fd7ab191f..239d0b47d01f 100644
--- a/security/manager/ssl/tests/unit/xpcshell.ini
+++ b/security/manager/ssl/tests/unit/xpcshell.ini
@@ -91,12 +91,12 @@ run-sequentially = hardcoded ports
 [test_cert_version.js]
 [test_cert_utf8.js]
 [test_certDB_export_pkcs12.js]
-[test_certDB_export_pkcs12_with_master_password.js]
+[test_certDB_export_pkcs12_with_primary_password.js]
 [test_certDB_import.js]
 # nsCertificateDialogs not available in geckoview, bug 1554276
 skip-if = toolkit == 'android' && processor == 'x86_64'
 [test_certDB_import_pkcs12.js]
-[test_certDB_import_with_master_password.js]
+[test_certDB_import_with_primary_password.js]
 # nsCertificateDialogs not available in geckoview, bug 1554276
 skip-if = toolkit == 'android' && processor == 'x86_64'
 [test_constructX509FromBase64.js]
diff --git a/services/sync/modules/constants.js b/services/sync/modules/constants.js
index 2922b913597e..cebf7f99d987 100644
--- a/services/sync/modules/constants.js
+++ b/services/sync/modules/constants.js
@@ -118,7 +118,7 @@ for (let [key, val] of Object.entries({
   ENGINE_BATCH_INTERRUPTED: "error.engine.reason.batch_interrupted",
 
   // Ways that a sync can be disabled (messages only to be printed in debug log)
-  kSyncMasterPasswordLocked: "User elected to leave Master Password locked",
+  kSyncMasterPasswordLocked: "User elected to leave Primary Password locked",
   kSyncWeaveDisabled: "Weave is disabled",
   kSyncNetworkOffline: "Network is offline",
   kSyncBackoffNotMet: "Trying to sync before the server said it's okay",
diff --git a/testing/mozbase/manifestparser/tests/mozmill-restart-example.ini b/testing/mozbase/manifestparser/tests/mozmill-restart-example.ini
index e27ae9b93e5a..2ce30e7c6af1 100644
--- a/testing/mozbase/manifestparser/tests/mozmill-restart-example.ini
+++ b/testing/mozbase/manifestparser/tests/mozmill-restart-example.ini
@@ -10,7 +10,7 @@ foo = baz
 [restartTests/testExtensionInstallUninstall/test3.js]
 [restartTests/testSoftwareUpdateAutoProxy/test2.js]
 [restartTests/testSoftwareUpdateAutoProxy/test1.js]
-[restartTests/testMasterPassword/test1.js]
+[restartTests/testPrimaryPassword/test1.js]
 [restartTests/testExtensionInstallGetAddons/test2.js]
 [restartTests/testExtensionInstallGetAddons/test1.js]
 [restartTests/testMultipleExtensionInstallation/test2.js]
diff --git a/toolkit/components/cleardata/tests/browser/browser_auth_tokens.js b/toolkit/components/cleardata/tests/browser/browser_auth_tokens.js
index 9d3c7ff38d31..46750b70908f 100644
--- a/toolkit/components/cleardata/tests/browser/browser_auth_tokens.js
+++ b/toolkit/components/cleardata/tests/browser/browser_auth_tokens.js
@@ -65,7 +65,7 @@ function runTest({ deleteBy, hasUserInput }) {
   testLoggedIn(false);
 
   info("Setup primary password and login");
-  LoginTestUtils.masterPassword.enable(true);
+  LoginTestUtils.primaryPassword.enable(true);
   testLoggedIn(true);
 
   info(
@@ -87,7 +87,7 @@ function runTest({ deleteBy, hasUserInput }) {
     Ci.nsISecretDecoderRing
   );
   sdr.logoutAndTeardown();
-  LoginTestUtils.masterPassword.disable();
+  LoginTestUtils.primaryPassword.disable();
 }
 
 add_task(async function test_deleteAll() {
diff --git a/toolkit/components/passwordmgr/LoginHelper.jsm b/toolkit/components/passwordmgr/LoginHelper.jsm
index 317d6e400ef8..2cdef5f7b982 100644
--- a/toolkit/components/passwordmgr/LoginHelper.jsm
+++ b/toolkit/components/passwordmgr/LoginHelper.jsm
@@ -1576,9 +1576,9 @@ this.LoginHelper = {
   },
 
   /**
-   * Returns true if the user has a master password set and false otherwise.
+   * Returns true if the user has a primary password set and false otherwise.
    */
-  isMasterPasswordSet() {
+  isPrimaryPasswordSet() {
     let tokenDB = Cc["@mozilla.org/security/pk11tokendb;1"].getService(
       Ci.nsIPK11TokenDB
     );
@@ -1587,7 +1587,7 @@ this.LoginHelper = {
   },
 
   /**
-   * Shows the Master Password prompt if enabled, or the
+   * Shows the Primary Password prompt if enabled, or the
    * OS auth dialog otherwise.
    * @param {Element} browser
    *        The <browser> that the prompt should be shown on
@@ -1606,7 +1606,7 @@ this.LoginHelper = {
     let isAuthorized = false;
     let telemetryEvent;
 
-    // This does no harm if master password isn't set.
+    // This does no harm if primary password isn't set.
     let tokendb = Cc["@mozilla.org/security/pk11tokendb;1"].createInstance(
       Ci.nsIPK11TokenDB
     );
@@ -1626,7 +1626,7 @@ this.LoginHelper = {
       };
     }
 
-    // Default to true if there is no master password and OS reauth is not available
+    // Default to true if there is no primary password and OS reauth is not available
     if (!token.hasPassword && !OSReauthEnabled) {
       isAuthorized = true;
       telemetryEvent = {
@@ -1639,7 +1639,7 @@ this.LoginHelper = {
         telemetryEvent,
       };
     }
-    // Use the OS auth dialog if there is no master password
+    // Use the OS auth dialog if there is no primary password
     if (!token.hasPassword && OSReauthEnabled) {
       let result = await OSKeyStore.ensureLoggedIn(
         messageText,
@@ -1659,10 +1659,10 @@ this.LoginHelper = {
         telemetryEvent,
       };
     }
-    // We'll attempt to re-auth via Master Password, force a log-out
+    // We'll attempt to re-auth via Primary Password, force a log-out
     token.checkPassword("");
 
-    // If a master password prompt is already open, just exit early and return false.
+    // If a primary password prompt is already open, just exit early and return false.
     // The user can re-trigger it after responding to the already open dialog.
     if (Services.logins.uiBusy) {
       isAuthorized = false;
@@ -1672,9 +1672,9 @@ this.LoginHelper = {
       };
     }
 
-    // So there's a master password. But since checkPassword didn't succeed, we're logged out (per nsIPK11Token.idl).
+    // So there's a primary password. But since checkPassword didn't succeed, we're logged out (per nsIPK11Token.idl).
     try {
-      // Relogin and ask for the master password.
+      // Relogin and ask for the primary password.
       token.login(true); // 'true' means always prompt for token password. User will be prompted until
       // clicking 'Cancel' or entering the correct password.
     } catch (e) {
diff --git a/toolkit/components/passwordmgr/LoginManager.jsm b/toolkit/components/passwordmgr/LoginManager.jsm
index e43846dacc79..924298472326 100644
--- a/toolkit/components/passwordmgr/LoginManager.jsm
+++ b/toolkit/components/passwordmgr/LoginManager.jsm
@@ -97,11 +97,11 @@ LoginManager.prototype = {
     this.initializationPromise = this._storage.initialize();
     this.initializationPromise.then(() => {
       log.debug(
-        "initializationPromise is resolved, updating isMasterPasswordSet in sharedData"
+        "initializationPromise is resolved, updating isPrimaryPasswordSet in sharedData"
       );
       Services.ppmm.sharedData.set(
-        "isMasterPasswordSet",
-        LoginHelper.isMasterPasswordSet()
+        "isPrimaryPasswordSet",
+        LoginHelper.isPrimaryPasswordSet()
       );
     });
   },
diff --git a/toolkit/components/passwordmgr/LoginManagerAuthPrompter.jsm b/toolkit/components/passwordmgr/LoginManagerAuthPrompter.jsm
index 283f1907d158..93da1da83309 100644
--- a/toolkit/components/passwordmgr/LoginManagerAuthPrompter.jsm
+++ b/toolkit/components/passwordmgr/LoginManagerAuthPrompter.jsm
@@ -210,7 +210,7 @@ LoginManagerAuthPromptFactory.prototype = {
       return;
     }
 
-    this.log("Waiting for master password UI");
+    this.log("Waiting for primary password UI");
 
     this._uiBusyPromise = new Promise();
     await this._uiBusyPromise;
@@ -219,7 +219,7 @@ LoginManagerAuthPromptFactory.prototype = {
   async _doAsyncPrompt(prompt, hashKey) {
     this._setPendingPrompt(prompt, hashKey);
 
-    // UI might be busy due to the master password dialog. Wait for it to close.
+    // UI might be busy due to the primary password dialog. Wait for it to close.
     await this._waitForLoginsUI(prompt);
 
     let ok = false;
diff --git a/toolkit/components/passwordmgr/LoginManagerChild.jsm b/toolkit/components/passwordmgr/LoginManagerChild.jsm
index 3782e3c2c64f..d83e0a66678b 100644
--- a/toolkit/components/passwordmgr/LoginManagerChild.jsm
+++ b/toolkit/components/passwordmgr/LoginManagerChild.jsm
@@ -755,7 +755,7 @@ this.LoginManagerChild = class LoginManagerChild extends JSWindowActorChild {
    * @param {HTMLFormElement} form - form to get login data for
    * @param {Object} options
    * @param {boolean} options.guid - guid of a login to retrieve
-   * @param {boolean} options.showMasterPassword - whether to show a master password prompt
+   * @param {boolean} options.showPrimaryPassword - whether to show a primary password prompt
    */
   _getLoginDataFromParent(form, options) {
     let actionOrigin = LoginHelper.getFormActionOrigin(form);
@@ -964,22 +964,22 @@ this.LoginManagerChild = class LoginManagerChild extends JSWindowActorChild {
     if (!event.isTrusted) {
       return;
     }
-    let isMasterPasswordSet = Services.cpmm.sharedData.get(
-      "isMasterPasswordSet"
+    let isPrimaryPasswordSet = Services.cpmm.sharedData.get(
+      "isPrimaryPasswordSet"
     );
     let document = event.target.ownerDocument;
 
-    // don't attempt to defer handling when a master password is set
+    // don't attempt to defer handling when a primary password is set
     // Showing the MP modal as soon as possible minimizes its interference with tab interactions
     // See bug 1539091 and bug 1538460.
     log(
       "onDOMFormHasPassword, visibilityState:",
       document.visibilityState,
-      "isMasterPasswordSet:",
-      isMasterPasswordSet
+      "isPrimaryPasswordSet:",
+      isPrimaryPasswordSet
     );
 
-    if (document.visibilityState == "visible" || isMasterPasswordSet) {
+    if (document.visibilityState == "visible" || isPrimaryPasswordSet) {
       this._processDOMFormHasPasswordEvent(event);
     } else {
       // wait until the document becomes visible before handling this event
@@ -1000,16 +1000,16 @@ this.LoginManagerChild = class LoginManagerChild extends JSWindowActorChild {
     if (!event.isTrusted) {
       return;
     }
-    let isMasterPasswordSet = Services.cpmm.sharedData.get(
-      "isMasterPasswordSet"
+    let isPrimaryPasswordSet = Services.cpmm.sharedData.get(
+      "isPrimaryPasswordSet"
     );
     let document = event.target.ownerDocument;
 
     log(
       "onDOMFormHasPossibleUsername, visibilityState:",
       document.visibilityState,
-      "isMasterPasswordSet:",
-      isMasterPasswordSet
+      "isPrimaryPasswordSet:",
+      isPrimaryPasswordSet
     );
 
     // For simplicity, the result of the telemetry is stacked. This means if a
@@ -1029,7 +1029,7 @@ this.LoginManagerChild = class LoginManagerChild extends JSWindowActorChild {
       return;
     }
 
-    if (document.visibilityState == "visible" || isMasterPasswordSet) {
+    if (document.visibilityState == "visible" || isPrimaryPasswordSet) {
       this._processDOMFormHasPossibleUsernameEvent(event);
     } else {
       // wait until the document becomes visible before handling this event
@@ -1080,20 +1080,20 @@ this.LoginManagerChild = class LoginManagerChild extends JSWindowActorChild {
     }
 
     let document = pwField.ownerDocument;
-    let isMasterPasswordSet = Services.cpmm.sharedData.get(
-      "isMasterPasswordSet"
+    let isPrimaryPasswordSet = Services.cpmm.sharedData.get(
+      "isPrimaryPasswordSet"
     );
     log(
       "onDOMInputPasswordAdded, visibilityState:",
       document.visibilityState,
-      "isMasterPasswordSet:",
-      isMasterPasswordSet
+      "isPrimaryPasswordSet:",
+      isPrimaryPasswordSet
     );
 
-    // don't attempt to defer handling when a master password is set
+    // don't attempt to defer handling when a primary password is set
     // Showing the MP modal as soon as possible minimizes its interference with tab interactions
     // See bug 1539091 and bug 1538460.
-    if (document.visibilityState == "visible" || isMasterPasswordSet) {
+    if (document.visibilityState == "visible" || isPrimaryPasswordSet) {
       this._processDOMInputPasswordAddedEvent(event);
     } else {
       // wait until the document becomes visible before handling this event
@@ -1193,7 +1193,7 @@ this.LoginManagerChild = class LoginManagerChild extends JSWindowActorChild {
       mozSystemGroup: true,
     });
 
-    this._getLoginDataFromParent(form, { showMasterPassword: true })
+    this._getLoginDataFromParent(form, { showPrimaryPassword: true })
       .then(this.loginsFound.bind(this))
       .catch(Cu.reportError);
   }
@@ -1453,7 +1453,7 @@ this.LoginManagerChild = class LoginManagerChild extends JSWindowActorChild {
       if (passwordField) {
         this._getLoginDataFromParent(acForm, {
           guid: loginGUID,
-          showMasterPassword: false,
+          showPrimaryPassword: false,
         })
           .then(({ form, loginsFound, recipes }) => {
             if (!loginGUID) {
@@ -2573,7 +2573,7 @@ this.LoginManagerChild = class LoginManagerChild extends JSWindowActorChild {
 
     // Heuristically determine what the user/pass fields are
     // We do this before checking to see if logins are stored,
-    // so that the user isn't prompted for a master password
+    // so that the user isn't prompted for a primary password
     // without need.
     let {
       usernameField,
diff --git a/toolkit/components/passwordmgr/LoginManagerParent.jsm b/toolkit/components/passwordmgr/LoginManagerParent.jsm
index d637dd0ba8f8..7de33913b2c4 100644
--- a/toolkit/components/passwordmgr/LoginManagerParent.jsm
+++ b/toolkit/components/passwordmgr/LoginManagerParent.jsm
@@ -82,8 +82,8 @@ let gGeneratedPasswordsByPrincipalOrigin = new Map();
 let gRecipeManager = null;
 
 /**
- * Tracks the last time the user cancelled the master password prompt,
- *  to avoid spamming master password prompts on autocomplete searches.
+ * Tracks the last time the user cancelled the primary password prompt,
+ *  to avoid spamming primary password prompts on autocomplete searches.
  */
 let gLastMPLoginCancelled = Number.NEGATIVE_INFINITY;
 
@@ -232,7 +232,7 @@ class LoginManagerParent extends JSWindowActorParent {
       // Record the last time the user cancelled the MP prompt
       // to avoid spamming them with MP prompts for autocomplete.
       if (e.result == Cr.NS_ERROR_ABORT) {
-        log("User cancelled master password prompt.");
+        log("User cancelled primary password prompt.");
         gLastMPLoginCancelled = Date.now();
         return [];
       }
@@ -506,7 +506,7 @@ class LoginManagerParent extends JSWindowActorParent {
   async sendLoginDataToChild(
     formOrigin,
     actionOrigin,
-    { guid, showMasterPassword }
+    { guid, showPrimaryPassword }
   ) {
     let recipes = [];
     let formHost;
@@ -518,11 +518,11 @@ class LoginManagerParent extends JSWindowActorParent {
       // Some schemes e.g. chrome aren't supported by URL
     }
 
-    if (!showMasterPassword && !Services.logins.isLoggedIn) {
+    if (!showPrimaryPassword && !Services.logins.isLoggedIn) {
       return { logins: [], recipes };
     }
 
-    // If we're currently displaying a master password prompt, defer
+    // If we're currently displaying a primary password prompt, defer
     // processing this form until the user handles the prompt.
     if (Services.logins.uiBusy) {
       log("deferring sendLoginDataToChild for", formOrigin);
@@ -550,7 +550,7 @@ class LoginManagerParent extends JSWindowActorParent {
           }
 
           let result = self.sendLoginDataToChild(formOrigin, actionOrigin, {
-            showMasterPassword,
+            showPrimaryPassword,
           });
           uiBusyPromiseResolve(result);
         },
@@ -621,11 +621,11 @@ class LoginManagerParent extends JSWindowActorParent {
     // Note: previousResult is a regular object, not an
     // nsIAutoCompleteResult.
 
-    // Cancel if the master password prompt is already showing or we unsuccessfully prompted for it too recently.
+    // Cancel if the primary password prompt is already showing or we unsuccessfully prompted for it too recently.
     if (!Services.logins.isLoggedIn) {
       if (Services.logins.uiBusy) {
         log(
-          "Not searching logins for autocomplete since the master password prompt is already showing"
+          "Not searching logins for autocomplete since the primary password prompt is already showing"
         );
         // Return an empty array to make LoginManagerChild clear the
         // outstanding request it has temporarily saved.
@@ -635,7 +635,7 @@ class LoginManagerParent extends JSWindowActorParent {
       let timeDiff = Date.now() - gLastMPLoginCancelled;
       if (timeDiff < LoginManagerParent._repromptTimeout) {
         log(
-          "Not searching logins for autocomplete since the master password " +
+          "Not searching logins for autocomplete since the primary password " +
             `prompt was last cancelled ${Math.round(
               timeDiff / 1000
             )} seconds ago.`
diff --git a/toolkit/components/passwordmgr/LoginManagerPrompter.jsm b/toolkit/components/passwordmgr/LoginManagerPrompter.jsm
index 3294ef13d1f8..d0e94ea89211 100644
--- a/toolkit/components/passwordmgr/LoginManagerPrompter.jsm
+++ b/toolkit/components/passwordmgr/LoginManagerPrompter.jsm
@@ -498,13 +498,13 @@ class LoginManagerPrompter {
           type == "password-save" &&
           !Services.policies.isAllowed("removeMasterPassword")
         ) {
-          if (!LoginHelper.isMasterPasswordSet()) {
+          if (!LoginHelper.isPrimaryPasswordSet()) {
             browser.ownerGlobal.openDialog(
               "chrome://mozapps/content/preferences/changemp.xhtml",
               "",
               "centerscreen,chrome,modal,titlebar"
             );
-            if (!LoginHelper.isMasterPasswordSet()) {
+            if (!LoginHelper.isPrimaryPasswordSet()) {
               return;
             }
           }
@@ -708,7 +708,7 @@ class LoginManagerPrompter {
                 toggleBtn.setAttribute("accesskey", togglePasswordAccessKey);
 
                 let hideToggle =
-                  LoginHelper.isMasterPasswordSet() ||
+                  LoginHelper.isPrimaryPasswordSet() ||
                   // Don't show the toggle when the login was autofilled
                   !!autoFilledLoginGuid ||
                   // Dismissed-by-default prompts should still show the toggle.
diff --git a/toolkit/components/passwordmgr/crypto-SDR.js b/toolkit/components/passwordmgr/crypto-SDR.js
index cac63d1a1528..f937d98add08 100644
--- a/toolkit/components/passwordmgr/crypto-SDR.js
+++ b/toolkit/components/passwordmgr/crypto-SDR.js
@@ -88,7 +88,7 @@ LoginManagerCrypto_SDR.prototype = {
       if (e.result == Cr.NS_ERROR_FAILURE) {
         canceledMP = true;
         throw Components.Exception(
-          "User canceled master password entry",
+          "User canceled primary password entry",
           Cr.NS_ERROR_ABORT
         );
       } else {
@@ -99,7 +99,7 @@ LoginManagerCrypto_SDR.prototype = {
       }
     } finally {
       this._uiBusy = false;
-      // If we triggered a master password prompt, notify observers.
+      // If we triggered a primary password prompt, notify observers.
       if (!wasLoggedIn && this.isLoggedIn) {
         this._notifyObservers("passwordmgr-crypto-login");
       } else if (canceledMP) {
@@ -140,7 +140,7 @@ LoginManagerCrypto_SDR.prototype = {
       if (e.result == Cr.NS_ERROR_FAILURE) {
         canceledMP = true;
         throw Components.Exception(
-          "User canceled master password entry",
+          "User canceled primary password entry",
           Cr.NS_ERROR_ABORT
         );
       } else {
@@ -151,7 +151,7 @@ LoginManagerCrypto_SDR.prototype = {
       }
     } finally {
       this._uiBusy = false;
-      // If we triggered a master password prompt, notify observers.
+      // If we triggered a primary password prompt, notify observers.
       if (!wasLoggedIn && this.isLoggedIn) {
         this._notifyObservers("passwordmgr-crypto-login");
       } else if (canceledMP) {
@@ -193,7 +193,7 @@ LoginManagerCrypto_SDR.prototype = {
       if (e.result == Cr.NS_ERROR_NOT_AVAILABLE) {
         canceledMP = true;
         throw Components.Exception(
-          "User canceled master password entry",
+          "User canceled primary password entry",
           Cr.NS_ERROR_ABORT
         );
       } else {
@@ -204,7 +204,7 @@ LoginManagerCrypto_SDR.prototype = {
       }
     } finally {
       this._uiBusy = false;
-      // If we triggered a master password prompt, notify observers.
+      // If we triggered a primary password prompt, notify observers.
       if (!wasLoggedIn && this.isLoggedIn) {
         this._notifyObservers("passwordmgr-crypto-login");
       } else if (canceledMP) {
@@ -249,7 +249,7 @@ LoginManagerCrypto_SDR.prototype = {
       if (e.result == Cr.NS_ERROR_NOT_AVAILABLE) {
         canceledMP = true;
         throw Components.Exception(
-          "User canceled master password entry",
+          "User canceled primary password entry",
           Cr.NS_ERROR_ABORT
         );
       } else {
@@ -260,7 +260,7 @@ LoginManagerCrypto_SDR.prototype = {
       }
     } finally {
       this._uiBusy = false;
-      // If we triggered a master password prompt, notify observers.
+      // If we triggered a primary password prompt, notify observers.
       if (!wasLoggedIn && this.isLoggedIn) {
         this._notifyObservers("passwordmgr-crypto-login");
       } else if (canceledMP) {
@@ -299,7 +299,7 @@ LoginManagerCrypto_SDR.prototype = {
    * _notifyObservers
    */
   _notifyObservers(topic) {
-    this.log("Prompted for a master password, notifying for " + topic);
+    this.log("Prompted for a primary password, notifying for " + topic);
     Services.obs.notifyObservers(null, topic);
   },
 }; // end of nsLoginManagerCrypto_SDR implementation
diff --git a/toolkit/components/passwordmgr/nsILoginManager.idl b/toolkit/components/passwordmgr/nsILoginManager.idl
index dd6aad0d3c80..1d5700e35c65 100644
--- a/toolkit/components/passwordmgr/nsILoginManager.idl
+++ b/toolkit/components/passwordmgr/nsILoginManager.idl
@@ -217,7 +217,7 @@ interface nsILoginManager : nsISupports {
    * Search for logins matching the specified criteria, as with
    * findLogins(). This interface only returns the number of matching
    * logins (and not the logins themselves), which allows a caller to
-   * check for logins without causing the user to be prompted for a master
+   * check for logins without causing the user to be prompted for a primary
    * password to decrypt the logins.
    *
    * @param aOrigin
@@ -269,8 +269,8 @@ interface nsILoginManager : nsISupports {
    * respect to the sync servers.
    *
    * Returns null if the data doesn't exist or if the data can't be
-   * decrypted (including if the master-password prompt is cancelled). This is
-   * OK for Sync as it can't even begin syncing if the master-password is
+   * decrypted (including if the primary-password prompt is cancelled). This is
+   * OK for Sync as it can't even begin syncing if the primary-password is
    * locked as the sync encrytion keys are stored in this login manager.
    */
   Promise getSyncID();
@@ -279,7 +279,7 @@ interface nsILoginManager : nsISupports {
    * Sets the "sync id" used by Sync to know whether the store is current with
    * respect to the sync servers. May be set to null.
    *
-   * Throws if the data can't be encrypted (including if the master-password
+   * Throws if the data can't be encrypted (including if the primary-password
    * prompt is cancelled)
    */
   Promise setSyncID(in AString syncID);
@@ -303,12 +303,12 @@ interface nsILoginManager : nsISupports {
   Promise ensureCurrentSyncID(in AString newSyncID);
 
  /**
-  * True when a master password prompt is being displayed.
+  * True when a primary password prompt is being displayed.
   */
   readonly attribute boolean uiBusy;
 
  /**
-  * True when the master password has already been entered, and so a caller
+  * True when the primary password has already been entered, and so a caller
   * can ask for decrypted logins without triggering a prompt.
   */
   readonly attribute boolean isLoggedIn;
diff --git a/toolkit/components/passwordmgr/nsILoginManagerCrypto.idl b/toolkit/components/passwordmgr/nsILoginManagerCrypto.idl
index 1242a2aab362..936228548afd 100644
--- a/toolkit/components/passwordmgr/nsILoginManagerCrypto.idl
+++ b/toolkit/components/passwordmgr/nsILoginManagerCrypto.idl
@@ -23,7 +23,7 @@ interface nsILoginManagerCrypto : nsISupports {
    * "Secret Decoder Ring" service. It is not recommended for general
    * purpose encryption/decryption.
    *
-   * Can throw if the user cancels entry of their master password.
+   * Can throw if the user cancels entry of their primary password.
    */
   AString encrypt(in AString plainText);
 
@@ -46,7 +46,7 @@ interface nsILoginManagerCrypto : nsISupports {
    *
    * Decrypts the specified string, returning the plaintext value.
    *
-   * Can throw if the user cancels entry of their master password, or if the
+   * Can throw if the user cancels entry of their primary password, or if the
    * cipherText value can not be successfully decrypted (eg, if it was
    * encrypted with some other key).
    */
@@ -58,7 +58,7 @@ interface nsILoginManagerCrypto : nsISupports {
    *
    * Decrypts the specified strings, returning the plaintext values.
    *
-   * Can throw if the user cancels entry of their master password, or if the
+   * Can throw if the user cancels entry of their primary password, or if the
    * cipherText value can not be successfully decrypted (eg, if it was
    * encrypted with some other key).
    */
@@ -67,7 +67,7 @@ interface nsILoginManagerCrypto : nsISupports {
   /**
    * uiBusy
    *
-   * True when a master password prompt is being displayed.
+   * True when a primary password prompt is being displayed.
    */
   readonly attribute boolean uiBusy;
 
@@ -75,7 +75,7 @@ interface nsILoginManagerCrypto : nsISupports {
    * isLoggedIn
    *
    * Current login state of the token used for encryption. If the user is
-   * not logged in, performing a crypto operation will result in a master
+   * not logged in, performing a crypto operation will result in a primary
    * password prompt.
    */
   readonly attribute boolean isLoggedIn;
diff --git a/toolkit/components/passwordmgr/nsILoginManagerStorage.idl b/toolkit/components/passwordmgr/nsILoginManagerStorage.idl
index ff3ac67ee2e5..1584e70f4ff0 100644
--- a/toolkit/components/passwordmgr/nsILoginManagerStorage.idl
+++ b/toolkit/components/passwordmgr/nsILoginManagerStorage.idl
@@ -195,7 +195,7 @@ interface nsILoginManagerStorage : nsISupports {
    * Search for logins matching the specified criteria, as with
    * findLogins(). This interface only returns the number of matching
    * logins (and not the logins themselves), which allows a caller to
-   * check for logins without causing the user to be prompted for a master
+   * check for logins without causing the user to be prompted for a primary
    * password to decrypt the logins.
    *
    * @param aOrigin
@@ -219,8 +219,8 @@ interface nsILoginManagerStorage : nsISupports {
    * respect to the sync servers.
    *
    * Returns null if the data doesn't exist or if the data can't be
-   * decrypted (including if the master-password prompt is cancelled). This is
-   * OK for Sync as it can't even begin syncing if the master-password is
+   * decrypted (including if the primary-password prompt is cancelled). This is
+   * OK for Sync as it can't even begin syncing if the primary-password is
    * locked as the sync encrytion keys are stored in this login manager.
    */
   Promise getSyncID();
@@ -229,7 +229,7 @@ interface nsILoginManagerStorage : nsISupports {
    * Sets the "sync id" used by Sync to know whether the store is current with
    * respect to the sync servers. May be set to null.
    *
-   * Throws if the data can't be encrypted (including if the master-password
+   * Throws if the data can't be encrypted (including if the primary-password
    * prompt is cancelled)
    */
   Promise setSyncID(in AString syncID);
@@ -246,12 +246,12 @@ interface nsILoginManagerStorage : nsISupports {
   Promise setLastSync(in double timestamp);
 
   /**
-   * True when a master password prompt is being shown.
+   * True when a primary password prompt is being shown.
    */
   readonly attribute boolean uiBusy;
 
   /**
-   * True when the master password has already been entered, and so a caller
+   * True when the primary password has already been entered, and so a caller
    * can ask for decrypted logins without triggering a prompt.
    */
   readonly attribute boolean isLoggedIn;
diff --git a/toolkit/components/passwordmgr/storage-json.js b/toolkit/components/passwordmgr/storage-json.js
index 24ef46af218f..1eb6d305438c 100644
--- a/toolkit/components/passwordmgr/storage-json.js
+++ b/toolkit/components/passwordmgr/storage-json.js
@@ -120,13 +120,13 @@ class LoginManagerStorage_json {
   /**
    * Returns the "sync id" used by Sync to know whether the store is current with
    * respect to the sync servers. It is stored encrypted, but only so we
-   * can detect failure to decrypt (for example, a "reset" of the master
+   * can detect failure to decrypt (for example, a "reset" of the primary
    * password will leave all logins alone, but they will fail to decrypt. We
    * also want this metadata to be unavailable in that scenario)
    *
    * Returns null if the data doesn't exist or if the data can't be
-   * decrypted (including if the master-password prompt is cancelled). This is
-   * OK for Sync as it can't even begin syncing if the master-password is
+   * decrypted (including if the primary-password prompt is cancelled). This is
+   * OK for Sync as it can't even begin syncing if the primary-password is
    * locked as the sync encrytion keys are stored in this login manager.
    */
   async getSyncID() {
@@ -416,7 +416,7 @@ class LoginManagerStorage_json {
           this._crypto.decrypt(login.password);
         } catch (e) {
           // If decryption failed (corrupt entry?), just skip it.
-          // Rethrow other errors (like canceling entry of a master pw)
+          // Rethrow other errors (like canceling entry of a primary pw)
           if (e.result == Cr.NS_ERROR_FAILURE) {
             this.log(
               "Could not decrypt login:",
@@ -817,7 +817,7 @@ class LoginManagerStorage_json {
 
   /**
    * Returns the encrypted username, password, and encrypton type for the specified
-   * login. Can throw if the user cancels a master password entry.
+   * login. Can throw if the user cancels a primary password entry.
    */
   _encryptLogin(login) {
     let encUsername = this._crypto.encrypt(login.username);
@@ -836,7 +836,7 @@ class LoginManagerStorage_json {
    * value should be given to external callers (since still-encrypted
    * entries are useless), whereas internal callers generally don't want
    * to lose unencrypted entries (eg, because the user clicked Cancel
-   * instead of entering their master password)
+   * instead of entering their primary password)
    */
   _decryptLogins(logins) {
     let result = [];
@@ -847,7 +847,7 @@ class LoginManagerStorage_json {
         login.password = this._crypto.decrypt(login.password);
       } catch (e) {
         // If decryption failed (corrupt entry?), just skip it.
-        // Rethrow other errors (like canceling entry of a master pw)
+        // Rethrow other errors (like canceling entry of a primary pw)
         if (e.result == Cr.NS_ERROR_FAILURE) {
           continue;
         }
diff --git a/toolkit/components/passwordmgr/test/LoginTestUtils.jsm b/toolkit/components/passwordmgr/test/LoginTestUtils.jsm
index 2fee332fe2e9..370116c4f200 100644
--- a/toolkit/components/passwordmgr/test/LoginTestUtils.jsm
+++ b/toolkit/components/passwordmgr/test/LoginTestUtils.jsm
@@ -502,16 +502,16 @@ LoginTestUtils.recipes = {
   },
 };
 
-LoginTestUtils.masterPassword = {
-  masterPassword: "omgsecret!",
+LoginTestUtils.primaryPassword = {
+  primaryPassword: "omgsecret!",
 
   _set(enable, stayLoggedIn) {
     let oldPW, newPW;
     if (enable) {
       oldPW = "";
-      newPW = this.masterPassword;
+      newPW = this.primaryPassword;
     } else {
-      oldPW = this.masterPassword;
+      oldPW = this.primaryPassword;
       newPW = "";
     }
     try {
diff --git a/toolkit/components/passwordmgr/test/browser/browser.ini b/toolkit/components/passwordmgr/test/browser/browser.ini
index b0b5143a69fb..84681865077c 100644
--- a/toolkit/components/passwordmgr/test/browser/browser.ini
+++ b/toolkit/components/passwordmgr/test/browser/browser.ini
@@ -27,7 +27,7 @@ skip-if = !debug && os == "linux" && bits == 64 && os_version == "18.04" # Bug 1
 [browser_autocomplete_import.js]
 https_first_disabled = true
 [browser_autocomplete_insecure_warning.js]
-[browser_autocomplete_master_password.js]
+[browser_autocomplete_primary_password.js]
 [browser_autofill_hidden_document.js]
 https_first_disabled = true
 skip-if =
diff --git a/toolkit/components/passwordmgr/test/browser/browser_autocomplete_master_password.js b/toolkit/components/passwordmgr/test/browser/browser_autocomplete_primary_password.js
similarity index 88%
rename from toolkit/components/passwordmgr/test/browser/browser_autocomplete_master_password.js
rename to toolkit/components/passwordmgr/test/browser/browser_autocomplete_primary_password.js
index 3c467b79b064..9ccd1f3c322d 100644
--- a/toolkit/components/passwordmgr/test/browser/browser_autocomplete_master_password.js
+++ b/toolkit/components/passwordmgr/test/browser/browser_autocomplete_primary_password.js
@@ -9,7 +9,7 @@ const BRAND_BUNDLE = Services.strings.createBundle(
 );
 const BRAND_FULL_NAME = BRAND_BUNDLE.GetStringFromName("brandFullName");
 
-// Waits for the master password prompt and cancels it when close() is called on the return value.
+// Waits for the primary password prompt and cancels it when close() is called on the return value.
 async function waitForDialog() {
   let [subject] = await TestUtils.topicObserved("common-dialog-loaded");
   let dialog = subject.Dialog;
@@ -31,21 +31,21 @@ add_task(async function setup() {
     password: "password",
   });
   Services.logins.addLogin(login);
-  LoginTestUtils.masterPassword.enable();
+  LoginTestUtils.primaryPassword.enable();
 
   registerCleanupFunction(function() {
-    LoginTestUtils.masterPassword.disable();
+    LoginTestUtils.primaryPassword.disable();
   });
 
-  // Set master password prompt timeout to 3s.
+  // Set primary password prompt timeout to 3s.
   // If this test goes intermittent, you likely have to increase this value.
   await SpecialPowers.pushPrefEnv({ set: [[TIMEOUT_PREF, 3000]] });
 });
 
-// Test that autocomplete does not trigger a master password prompt
+// Test that autocomplete does not trigger a primary password prompt
 // for a certain time after it was cancelled.
 add_task(async function test_mpAutocompleteTimeout() {
-  // Wait for initial master password dialog after opening the tab.
+  // Wait for initial primary password dialog after opening the tab.
   let dialogShown = waitForDialog();
 
   await BrowserTestUtils.withNewTab(URL, async function(browser) {
@@ -74,10 +74,10 @@ add_task(async function test_mpAutocompleteTimeout() {
   await new Promise(c => setTimeout(c, 4000));
 });
 
-// Test that autocomplete does not trigger a master password prompt
+// Test that autocomplete does not trigger a primary password prompt
 // if one is already showing.
 add_task(async function test_mpAutocompleteUIBusy() {
-  // Wait for initial master password dialog after adding the login.
+  // Wait for initial primary password dialog after adding the login.
   let dialogShown = waitForDialog();
 
   let win = await BrowserTestUtils.openNewBrowserWindow();
diff --git a/toolkit/components/passwordmgr/test/browser/browser_autofill_hidden_document.js b/toolkit/components/passwordmgr/test/browser/browser_autofill_hidden_document.js
index f897cd174fd9..2df2b2bd3902 100644
--- a/toolkit/components/passwordmgr/test/browser/browser_autofill_hidden_document.js
+++ b/toolkit/components/passwordmgr/test/browser/browser_autofill_hidden_document.js
@@ -17,8 +17,8 @@ async function getDocumentVisibilityState(browser) {
   return visibility;
 }
 
-// Waits for the master password prompt and cancels it.
-function observeMasterPasswordDialog(window, result) {
+// Waits for the primary password prompt and cancels it.
+function observePrimaryPasswordDialog(window, result) {
   let closedPromise;
   function topicObserver(subject) {
     let expected = "Password Required - " + BRAND_FULL_NAME;
@@ -35,12 +35,12 @@ function observeMasterPasswordDialog(window, result) {
 
   let waited = TestUtils.waitForCondition(() => {
     return result.wasShown;
-  }, "Wait for master password dialog");
+  }, "Wait for primary password dialog");
 
   return Promise.all([waited, closedPromise])
     .catch(ex => {
       info(
-        `observeMasterPasswordDialog, caught exception from topicObserved: ${ex}`
+        `observePrimaryPasswordDialog, caught exception from topicObserved: ${ex}`
       );
     })
     .finally(() => {
@@ -157,21 +157,21 @@ testUrls.forEach(testUrl => {
 });
 
 testUrlsWithForm.forEach(testUrl => {
-  add_task(async function test_immediate_autofill_with_masterpassword() {
-    // Set master password prompt timeout to 3s.
+  add_task(async function test_immediate_autofill_with_primarypassword() {
+    // Set primary password prompt timeout to 3s.
     // If this test goes intermittent, you likely have to increase this value.
     await SpecialPowers.pushPrefEnv({
       set: [["signon.masterPasswordReprompt.timeout_ms", 3000]],
     });
 
-    LoginTestUtils.masterPassword.enable();
+    LoginTestUtils.primaryPassword.enable();
     await LoginTestUtils.reloadData();
     info(
-      `Have enabled masterPassword, now isLoggedIn? ${Services.logins.isLoggedIn}`
+      `Have enabled primaryPassword, now isLoggedIn? ${Services.logins.isLoggedIn}`
     );
 
     registerCleanupFunction(async function() {
-      LoginTestUtils.masterPassword.disable();
+      LoginTestUtils.primaryPassword.disable();
       await LoginTestUtils.reloadData();
     });
 
@@ -189,7 +189,7 @@ testUrlsWithForm.forEach(testUrl => {
 
     info(
       "load a background login form tab with a matching saved login " +
-        "and wait to see if the master password dialog is shown"
+        "and wait to see if the primary password dialog is shown"
     );
     is(
       await getDocumentVisibilityState(tab2.linkedBrowser),
@@ -201,7 +201,7 @@ testUrlsWithForm.forEach(testUrl => {
     is(tab1Visibility, "hidden", "The first tab should be backgrounded");
 
     dialogResult = { wasShown: false };
-    dialogObserved = observeMasterPasswordDialog(
+    dialogObserved = observePrimaryPasswordDialog(
       tab1.ownerGlobal,
       dialogResult
     );
diff --git a/toolkit/components/passwordmgr/test/browser/browser_context_menu_generated_password.js b/toolkit/components/passwordmgr/test/browser/browser_context_menu_generated_password.js
index e4cf34b13f04..9cb25216d0ce 100644
--- a/toolkit/components/passwordmgr/test/browser/browser_context_menu_generated_password.js
+++ b/toolkit/components/passwordmgr/test/browser/browser_context_menu_generated_password.js
@@ -91,10 +91,10 @@ add_task(async function test_fill_hidden_by_login_saving_disabled() {
   Services.logins.setLoginSavingEnabled(TEST_ORIGIN, true);
 });
 
-add_task(async function test_fill_hidden_by_locked_master_password() {
+add_task(async function test_fill_hidden_by_locked_primary_password() {
   // test that the generated password option is not present when the user
-  // didn't unlock the master password.
-  LoginTestUtils.masterPassword.enable();
+  // didn't unlock the primary password.
+  LoginTestUtils.primaryPassword.enable();
 
   await BrowserTestUtils.withNewTab(
     {
@@ -122,7 +122,7 @@ add_task(async function test_fill_hidden_by_locked_master_password() {
     }
   );
 
-  LoginTestUtils.masterPassword.disable();
+  LoginTestUtils.primaryPassword.disable();
 });
 
 add_task(async function fill_generated_password_empty_field() {
diff --git a/toolkit/components/passwordmgr/test/browser/browser_doorhanger_form_password_edit.js b/toolkit/components/passwordmgr/test/browser/browser_doorhanger_form_password_edit.js
index 75934332365d..cf0421f64094 100644
--- a/toolkit/components/passwordmgr/test/browser/browser_doorhanger_form_password_edit.js
+++ b/toolkit/components/passwordmgr/test/browser/browser_doorhanger_form_password_edit.js
@@ -357,7 +357,7 @@ for (let testData of testCases) {
       });
       if (!testData.isLoggedIn) {
         // Enable Primary Password
-        LoginTestUtils.masterPassword.enable();
+        LoginTestUtils.primaryPassword.enable();
       }
       for (let passwordFieldType of ["password", "text"]) {
         info(
@@ -369,7 +369,7 @@ for (let testData of testCases) {
         await testPasswordChange(testData, { passwordFieldType });
       }
       if (!testData.isLoggedIn) {
-        LoginTestUtils.masterPassword.disable();
+        LoginTestUtils.primaryPassword.disable();
       }
       await SpecialPowers.popPrefEnv();
     },
diff --git a/toolkit/components/passwordmgr/test/browser/browser_doorhanger_toggles.js b/toolkit/components/passwordmgr/test/browser/browser_doorhanger_toggles.js
index d0f798dc0d71..dcd711c4927e 100644
--- a/toolkit/components/passwordmgr/test/browser/browser_doorhanger_toggles.js
+++ b/toolkit/components/passwordmgr/test/browser/browser_doorhanger_toggles.js
@@ -18,7 +18,7 @@ let testCases = [
      */
     name: "test_toggle_password",
     logins: [],
-    enabledMasterPassword: false,
+    enabledPrimaryPassword: false,
     formDefaults: {},
     formChanges: {
       [passwordInputSelector]: "pw",
@@ -53,11 +53,11 @@ let testCases = [
   },
   {
     /* Test that the doorhanger password toggle checkbox is disabled
-     * when the master password is set.
+     * when the primary password is set.
      */
-    name: "test_checkbox_disabled_if_has_master_password",
+    name: "test_checkbox_disabled_if_has_primary_password",
     logins: [],
-    enabledMasterPassword: true,
+    enabledPrimaryPassword: true,
     formDefaults: {},
     formChanges: {
       [passwordInputSelector]: "pass",
@@ -229,15 +229,15 @@ async function testDoorhangerToggles({
   formDefaults = {},
   formChanges = {},
   expected,
-  enabledMasterPassword,
+  enabledPrimaryPassword,
 }) {
   formChanges = Array.isArray(formChanges) ? formChanges : [formChanges];
 
   for (let login of logins) {
     await LoginTestUtils.addLogin(login);
   }
-  if (enabledMasterPassword) {
-    LoginTestUtils.masterPassword.enable();
+  if (enabledPrimaryPassword) {
+    LoginTestUtils.primaryPassword.enable();
   }
   let formProcessedPromise = listenForTestNotification("FormProcessed");
   await BrowserTestUtils.withNewTab(
@@ -328,8 +328,8 @@ async function testDoorhangerToggles({
     }
   );
   await LoginTestUtils.clearData();
-  if (enabledMasterPassword) {
-    LoginTestUtils.masterPassword.disable();
+  if (enabledPrimaryPassword) {
+    LoginTestUtils.primaryPassword.disable();
   }
   await cleanupPasswordNotifications();
 }
diff --git a/toolkit/components/passwordmgr/test/mochitest/mochitest.ini b/toolkit/components/passwordmgr/test/mochitest/mochitest.ini
index 0609add733d6..9785090857ae 100644
--- a/toolkit/components/passwordmgr/test/mochitest/mochitest.ini
+++ b/toolkit/components/passwordmgr/test/mochitest/mochitest.ini
@@ -192,12 +192,12 @@ skip-if = xorigin
 [test_LoginManagerContent_passwordEditedOrGenerated.html]
 scheme = https
 skip-if = toolkit == 'android' # password generation
-[test_master_password.html]
+[test_primary_password.html]
 scheme = https
 skip-if = os != 'mac' || verify || xorigin # Tests desktop prompts and bug 1333264
 support-files =
   chrome_timeout.js
-  subtst_master_pass.html
+  subtst_primary_pass.html
 [test_maxlength.html]
 [test_munged_values.html]
 scheme = https
diff --git a/toolkit/components/passwordmgr/test/mochitest/pwmgr_common.js b/toolkit/components/passwordmgr/test/mochitest/pwmgr_common.js
index 75a47ef72fec..93c3017ddca6 100644
--- a/toolkit/components/passwordmgr/test/mochitest/pwmgr_common.js
+++ b/toolkit/components/passwordmgr/test/mochitest/pwmgr_common.js
@@ -516,24 +516,24 @@ function registerRunTests(existingPasswordFieldsCount = 0) {
   });
 }
 
-function enableMasterPassword() {
-  setMasterPassword(true);
+function enablePrimaryPassword() {
+  setPrimaryPassword(true);
 }
 
-function disableMasterPassword() {
-  setMasterPassword(false);
+function disablePrimaryPassword() {
+  setPrimaryPassword(false);
 }
 
-function setMasterPassword(enable) {
-  PWMGR_COMMON_PARENT.sendAsyncMessage("setMasterPassword", { enable });
+function setPrimaryPassword(enable) {
+  PWMGR_COMMON_PARENT.sendAsyncMessage("setPrimaryPassword", { enable });
 }
 
 function isLoggedIn() {
   return PWMGR_COMMON_PARENT.sendQuery("isLoggedIn");
 }
 
-function logoutMasterPassword() {
-  runInParent(function parent_logoutMasterPassword() {
+function logoutPrimaryPassword() {
+  runInParent(function parent_logoutPrimaryPassword() {
     var sdr = Cc["@mozilla.org/security/sdr;1"].getService(
       Ci.nsISecretDecoderRing
     );
diff --git a/toolkit/components/passwordmgr/test/mochitest/pwmgr_common_parent.js b/toolkit/components/passwordmgr/test/mochitest/pwmgr_common_parent.js
index 6edb43088355..8c8e7289181b 100644
--- a/toolkit/components/passwordmgr/test/mochitest/pwmgr_common_parent.js
+++ b/toolkit/components/passwordmgr/test/mochitest/pwmgr_common_parent.js
@@ -225,11 +225,11 @@ addMessageListener("isLoggedIn", () => {
   return Services.logins.isLoggedIn;
 });
 
-addMessageListener("setMasterPassword", ({ enable }) => {
+addMessageListener("setPrimaryPassword", ({ enable }) => {
   if (enable) {
-    LoginTestUtils.masterPassword.enable();
+    LoginTestUtils.primaryPassword.enable();
   } else {
-    LoginTestUtils.masterPassword.disable();
+    LoginTestUtils.primaryPassword.disable();
   }
 });
 
diff --git a/toolkit/components/passwordmgr/test/mochitest/subtst_master_pass.html b/toolkit/components/passwordmgr/test/mochitest/subtst_primary_pass.html
similarity index 100%
rename from toolkit/components/passwordmgr/test/mochitest/subtst_master_pass.html
rename to toolkit/components/passwordmgr/test/mochitest/subtst_primary_pass.html
diff --git a/toolkit/components/passwordmgr/test/mochitest/test_master_password.html b/toolkit/components/passwordmgr/test/mochitest/test_primary_password.html
similarity index 94%
rename from toolkit/components/passwordmgr/test/mochitest/test_master_password.html
rename to toolkit/components/passwordmgr/test/mochitest/test_primary_password.html
index e85c5ff398af..06141c04323f 100644
--- a/toolkit/components/passwordmgr/test/mochitest/test_master_password.html
+++ b/toolkit/components/passwordmgr/test/mochitest/test_primary_password.html
@@ -50,9 +50,9 @@ let win = window.open("about:blank");
 SimpleTest.registerCleanupFunction(() => win.close());
 
 add_task(async function setup() {
-  ok(await isLoggedIn(), "should be initially logged in (no MP)");
-  enableMasterPassword();
-  ok(!await isLoggedIn(), "should be logged out after setting MP");
+  ok(await isLoggedIn(), "should be initially logged in (no PP)");
+  enablePrimaryPassword();
+  ok(!await isLoggedIn(), "should be logged out after setting PP");
 });
 
 add_task(async function test_1() {
@@ -74,7 +74,7 @@ add_task(async function test_1() {
   };
   var action = {
     buttonClick: "ok",
-    passField: LoginTestUtils.masterPassword.masterPassword,
+    passField: LoginTestUtils.primaryPassword.primaryPassword,
   };
   var promptDone = handlePrompt(state, action);
 
@@ -84,7 +84,7 @@ add_task(async function test_1() {
   is(logins.length, 3, "expected number of logins");
 
   ok(await isLoggedIn(), "should be logged in after MP prompt");
-  logoutMasterPassword();
+  logoutPrimaryPassword();
   ok(!await isLoggedIn(), "should be logged out");
 });
 
@@ -134,7 +134,7 @@ add_task(async function test_3() {
   };
   var action = {
     buttonClick: "ok",
-    passField: LoginTestUtils.masterPassword.masterPassword,
+    passField: LoginTestUtils.primaryPassword.primaryPassword,
   };
   var promptDone = handlePrompt(state, action);
 
@@ -142,7 +142,7 @@ add_task(async function test_3() {
 
   info("Load a single window to trigger a MP");
   await SimpleTest.promiseFocus(win, true);
-  win.location = exampleCom + "subtst_master_pass.html";
+  win.location = exampleCom + "subtst_primary_pass.html";
 
   await promptDone;
   info("promptDone");
@@ -161,7 +161,7 @@ add_task(async function test_3() {
   });
 
   ok(await isLoggedIn(), "should be logged in");
-  logoutMasterPassword();
+  logoutPrimaryPassword();
   ok(!await isLoggedIn(), "should be logged out");
 });
 
@@ -188,7 +188,7 @@ add_task(async function test_4() {
 
   // first part of loading 2 MP-triggering windows
   await SimpleTest.promiseFocus(win);
-  win.location = exampleOrg + "subtst_master_pass.html";
+  win.location = exampleOrg + "subtst_primary_pass.html";
   // The MP prompt is open but don't take any action yet.
   await promptDone;
 
@@ -210,7 +210,7 @@ add_task(async function test_4() {
 
   // Since the Primary Password prompt is open, we can't focus another tab
   // to load the second form. Instead, we load the same form into an iframe.
-  let url = exampleOrg + "subtst_master_pass.html";
+  let url = exampleOrg + "subtst_primary_pass.html";
   await SpecialPowers.spawn(win, [url], async function(urlF) {
     let iframe = this.content.document.querySelector("iframe");
     var loadPromise = new Promise(resolve => {
@@ -261,7 +261,7 @@ add_task(async function test_4() {
   // fill existing MP dialog with MP.
   action = {
     buttonClick: "ok",
-    passField: LoginTestUtils.masterPassword.masterPassword,
+    passField: LoginTestUtils.primaryPassword.primaryPassword,
   };
   await handlePrompt(state, action);
   await fillPromise;
@@ -302,7 +302,7 @@ add_task(async function test_4() {
 // XXX do a test5ABC with clicking cancel?
 
 SimpleTest.registerCleanupFunction(function finishTest() {
-  disableMasterPassword();
+  disablePrimaryPassword();
 });
 
 </script>
diff --git a/toolkit/components/passwordmgr/test/unit/test_LoginManagerPrompter_getUsernameSuggestions.js b/toolkit/components/passwordmgr/test/unit/test_LoginManagerPrompter_getUsernameSuggestions.js
index a414a6bb29b4..7d1c58164e4c 100644
--- a/toolkit/components/passwordmgr/test/unit/test_LoginManagerPrompter_getUsernameSuggestions.js
+++ b/toolkit/components/passwordmgr/test/unit/test_LoginManagerPrompter_getUsernameSuggestions.js
@@ -163,7 +163,7 @@ async function _test(testCase) {
 
   if (!testCase.isLoggedIn) {
     // Primary Password should be enabled and locked
-    LoginTestUtils.masterPassword.enable();
+    LoginTestUtils.primaryPassword.enable();
   }
 
   info("Computing results");
@@ -176,7 +176,7 @@ async function _test(testCase) {
 
   info("Cleaning up state");
   if (!testCase.isLoggedIn) {
-    LoginTestUtils.masterPassword.disable();
+    LoginTestUtils.primaryPassword.disable();
   }
   LoginTestUtils.clearData();
 }
diff --git a/toolkit/components/passwordmgr/test/unit/test_logins_decrypt_failure.js b/toolkit/components/passwordmgr/test/unit/test_logins_decrypt_failure.js
index 2d6ec432cd82..a925b8a02946 100644
--- a/toolkit/components/passwordmgr/test/unit/test_logins_decrypt_failure.js
+++ b/toolkit/components/passwordmgr/test/unit/test_logins_decrypt_failure.js
@@ -11,9 +11,9 @@
 
 /**
  * Resets the token used to decrypt logins.  This is equivalent to resetting the
- * master password when it is not known.
+ * primary password when it is not known.
  */
-function resetMasterPassword() {
+function resetPrimaryPassword() {
   let token = Cc["@mozilla.org/security/pk11tokendb;1"]
     .getService(Ci.nsIPK11TokenDB)
     .getInternalKeyToken();
@@ -24,7 +24,7 @@ function resetMasterPassword() {
 // Tests
 
 /**
- * Resets the master password after some logins were added to the database.
+ * Resets the primary password after some logins were added to the database.
  */
 add_task(async function test_logins_decrypt_failure() {
   let logins = TestData.loginList();
@@ -33,7 +33,7 @@ add_task(async function test_logins_decrypt_failure() {
   }
 
   // This makes the existing logins non-decryptable.
-  resetMasterPassword();
+  resetPrimaryPassword();
 
   // These functions don't see the non-decryptable entries anymore.
   Assert.equal(Services.logins.getAllLogins().length, 0);
@@ -142,7 +142,7 @@ add_task(function test_add_logins_with_decrypt_failure() {
   );
 
   // This makes the existing login non-decryptable.
-  resetMasterPassword();
+  resetPrimaryPassword();
 
   // We can no longer find it in our search.
   equal(Services.logins.searchLogins(searchProp).length, 0);
@@ -163,7 +163,7 @@ add_task(async function test_sync_metadata_with_decrypt_failure() {
   equal(await Services.logins.getLastSync(), 123);
 
   // This makes the existing login and syncID non-decryptable.
-  resetMasterPassword();
+  resetPrimaryPassword();
 
   // The syncID is now null.
   equal(await Services.logins.getSyncID(), null);