Thanks for reporting this. Can you do one more favor? Can you open the Javascript Console before you run these two tests? In Windows Firefox, this is found in Tools->Javascript Console, but in Linux it might be under Edit or View.
Then run the tests and tell me if any Javascript errors from PasswordMaker appear. It's not important if there are any from the website(s) themselves.
In Linux it's also in the Tools menu.
Sorry, no PasswordMaker errors whatsoever. Nor warnings or messages. I checked both bugs.
One more detail: the decryption of the password works when I press the cool key. By this I mean, when the encrypted value appears in the password field, the file is already double envrypted, thus the first encryption will be calculated from that value.
Thus: only when I open an account, the encrypted value is loaded directly instead of being decrypted, but when I click OK to close the dialog it will be encrypted, thus creating the double encryption. Opening an account and closing it several times will result in a very long string inside the rdf file.
Here's yet another temporary workaround:
After setting up the account with the custom password in the advanced auot-population field, close the dialog and never open it again. If you do open it, you must delete the stored password and set it up again (every time).
If you do it this way, you cannot use the link in the General tab to navigate to that site. (@Mike: that's why it didn't work when we tested it. It would have worked if we hadn't opened the account dialog.)