Here is the issue: RSFirewall! has a system lockdown function; you can disable key aspects of Joomla that make your site harder to hack. This is a good thing. RSFirewall! has a master password function; you need to enter in a master password (if you create one) to change the component settings. This is also a good thing. However, when creating a master password, the characters you are entering are masked and there is no field to re-enter your password. So if you enable the system lockdown then mistype when you create a master password you won't know it until you go to log into the application. At which point you would not be able to do anything -- there isn't even the extra security questions to enable you to retrieve your master password -- you know like, "what is your favorite restaurant?" etc -- that you see on some banking sites.
I would love to see this issue resolved --either by having an option to unmask the password when you create it or a field to re-enter the password AND some sort of password retrieval option (security questions, email, something) in the unlikely event you forget your password or type in the wrong one.
If this one issue were fixed, I would give this application 5 stars -- it is great! Just with one MAJOR issue waiting to go awry.
This review is pointless and should be removed, because is totally wrong. There is an article in the documentation that explains how to clear the master password: