Skip to main content

Firefox’s new Monitor service will let you know if you’ve been hacked

As part of its efforts to make Firefox users feel more secure while browsing the web, Mozilla is launching Firefox Monitor to let users know if they’ve been hacked. By integrating Firefox Monitor with web service Have I Been Pwned (HIBP), users of Mozilla’s browser can quickly check to see if they’ve been hacked by entering their email address. Mozilla is trialing the Firefox Monitor service right now and will invite 250,000 of the more than 500 million Firefox users to help test the service next week. After the testing period, Mozilla expects the service to roll out to all Firefox users.

“We decided to address a growing need for account security by developing Firefox Monitor, a proposed security tool that is designed for everyone, but offers additional features for Firefox users,” Mozilla wrote in a blog post detailing the service. “Visitors to the Firefox Monitor website will be able to check (by entering an email address) to see if their accounts were included in known data breaches, with details on sites and other sources of breaches and the types of personal data exposed in each breach.”

Related Videos

The service monitors the web to see if your email is part of a data dump, and if it is, Firefox Monitor will send an alert to your inbox. To keep your email address secure when you’re checking Firefox Monitor to see if you’re a victim of a data breach, Mozilla claims that your information is anonymized and that the service never sends your full email address to a third party outside of Mozilla. Email lookups are performed using hashing prefixes to keep your information secure.

“When searching HIBP for a password, the client SHA-1 hashes it then takes the first five characters and sends this to the API,” HIBP creator and security researcher Troy Hunt wrote on his blog. “In response, a collection of hashes is returned that match that prefix (477 on average). By looking at the hash prefix sent to the service, I have no idea what the password is. It could be any one of those 477 or it could be something totally different, I don’t know. Of course, I could always speculate based on the prevalence of each password but it would never be anything more than that — speculation.”

In addition to alerting users if their data is breached, Mozilla said that it is also evaluating a service to notify you if your personal data was also compromised. Part of Mozilla’s security strategy is to integrate HIBP’s service with Firefox Lockbox, a password manager that automatically fills in usernames and passwords for websites that you visit on Firefox. In the future, Firefox Monitor will be able to verify your stored Lockbox logins against the HIBP database to give you a more detailed look at what services, passwords, usernames, and accounts may have been compromised in a data breach or attack.

Mozilla advises users to download the latest Firefox Quantum browser to prepare for the launch of Firefox Monitor.

In addition to partnering with Mozilla for Firefox Monitor, Hunt is also working with password manager 1Password to allow HIBP lookups from directly within 1Password’s Watchtower feature.

Editors' Recommendations

The most common Chromebook problems and how to fix them
A person working on a Toshiba Chromebook.

Chromebooks are great alternatives to MacBooks and Windows 10 laptops, but they aren’t perfect. Any laptop computer is bound to have issues, and some of the most common problems faced by Chromebook users can feel difficult or even impossible to solve on their own. 

From issues with updates to internet connectivity, troubleshooting common Chromebook problems doesn’t have to ruin your day. Read on to discover easy fixes for the most frequent issues Chromebook users face. 
The Diagnostics app

Read more
Hackers are using AI to spread dangerous malware on YouTube
Windows shows a malware warning on a Dell laptop.

YouTube is the latest frontier where AI-generated content is being used to dupe users into downloading malware that can steal their personal information.

As AI generation becomes increasingly popular on several platforms, so does the desire to profit from it in malicious ways. The research firm CloudSEK has observed a 200% to 300% increase in the number of videos on YouTube that include links to popular malware sources such as Vidar, RedLine, and Raccoon directly in the descriptions since November 2022.

Read more
Ranking all 12 versions of Windows, from worst to best
Windows 7 desktop.

You can tell a person's age by which version of Windows is their favorite. I have fond memories of XP and Windows 98 SE, so you can take a guess at mine, but I have colleagues who are much more enamored with Windows 7, or Windows 95. We all have something disparaging to say about Windows 8 though, and the less said about Windows Vista the better.

Ranking the different versions of Windows is about more than what era of computing you grew up in, though. There are some very serious duds in Microsoft's back catalog, just as there are a few wins too. But whether you can look back on some of Microsoft's disastrous releases with rose-tinted glasses, or have some genuine love for Microsoft's missteps, here's every version of Windows ranked from best to worst.
12. Windows ME

Read more