As part of its efforts to make Firefox users feel more secure while browsing the web, Mozilla is launching Firefox Monitor to let users know if they’ve been hacked. By integrating Firefox Monitor with web service Have I Been Pwned (HIBP), users of Mozilla’s browser can quickly check to see if they’ve been hacked by entering their email address. Mozilla is trialing the Firefox Monitor service right now and will invite 250,000 of the more than 500 million Firefox users to help test the service next week. After the testing period, Mozilla expects the service to roll out to all Firefox users.
“We decided to address a growing need for account security by developing Firefox Monitor, a proposed security tool that is designed for everyone, but offers additional features for Firefox users,” Mozilla wrote in a blog post detailing the service. “Visitors to the
The service monitors the web to see if your email is part of a data dump, and if it is, Firefox Monitor will send an alert to your inbox. To keep your email address secure when you’re checking
“When searching HIBP for a password, the client SHA-1 hashes it then takes the first five characters and sends this to the API,” HIBP creator and security researcher Troy Hunt wrote on his blog. “In response, a collection of hashes is returned that match that prefix (477 on average). By looking at the hash prefix sent to the service, I have no idea what the password is. It could be any one of those 477 or it could be something totally different, I don’t know. Of course, I could always speculate based on the prevalence of each password but it would never be anything more than that — speculation.”
In addition to alerting users if their data is breached, Mozilla said that it is also evaluating a service to notify you if your personal data was also compromised. Part of Mozilla’s security strategy is to integrate HIBP’s service with Firefox Lockbox, a password manager that automatically fills in usernames and passwords for websites that you visit on
Mozilla advises users to download the latest Firefox Quantum browser to prepare for the launch of Firefox Monitor.
In addition to partnering with Mozilla for Firefox Monitor, Hunt is also working with password manager 1Password to allow HIBP lookups from directly within 1Password’s Watchtower feature.
- The best password managers for 2019
- Private data of some Facebook and Twitter users leaked through malicious apps
- LastPass vs. 1Password
- How to prevent your Ring smart cameras from being hacked
- Here’s how to claim $100 or more from Yahoo’s massive data breach settlement