Mozilla has launched a new free service that will inform users if their personal information has been compromised in any data breaches. The new service, which has been in testing for the past few months, is called Firefox Monitor.
Here’s what Firefox Monitor does
Firefox Monitor utilizes Troy Hunt’s Have I Been Pwned (HIBP) database to let you know if your information has been compromised. The new service also allows users to sign up for notifications if their email addresses are part of any future breaches. To check if you were exposed in any data breaches, all you need to do is enter your email ID.
“Firefox Monitor arms you with tools to keep your personal information safe. Find out what hackers already know about you and learn how to stay a step ahead of them,” the Firefox Monitor website states.
Jim Chanos At Invest For Kids: Short This Tech Company As Profits Slump
At this year's Invest For Kids conference, hedge fund manager Jim Chanos pitched a tech giant as his favorite short idea. Jim Chanos is a Wall Street legend. The president and founder of Kynikos Associates made his name shorting Enron in the 1990s. He has since identified some of the most profitable shorts in the Read More
The Mozilla and HIBP partnership will also notify Firefox uses when they visit a website affected by a past breach.
Firefox Monitor follows a strict level of privacy even while sharing information with partner HIBP. To ensure users’ email addresses are kept secret, Firefox Monitor uses hash range query API endpoints, which means it sends only the first few characters of your hashed email as a query.
HIBP then matches the entries with its database and sends a reply in the form of a series of hash suffixes of the breached accounts. Mozilla then verifies the information to check if user information has been compromised. Such a process ensures that no information (even the hashed email addresses) is shared with any third-party service.
How the new service helps
Mozilla’s new service is a much-needed offering. Presently, more and more databases containing hacked user credentials, including information like email addresses, credit card information and more, are being illegally hosted on the web. Using the same passwords for different sites is not advisable, but many still do it because it’s convenient. However, such a practice makes you vulnerable if your password has been compromised once.
Mozilla’s main intention with a service like Firefox Monitor is to allow users to respond in a timely manner if their information is compromised. A timely notification alerts users to change their passwords and adopt additional security measures, like two-factor authentication (2FA).
Firefox Monitor also brings the HIBP-like service to a wider audience. The browser is used by hundreds of millions of people globally, although it must be noted that Firefox Monitor is not restricted to the Firefox browser. It is a web page which can be accessed from any browser.
“Firefox has an install base of hundreds of millions of people, which significantly expands the audience that can be reached once this feature rolls out to the mainstream,” Hunt said in a blog post announcing the partnership with Mozilla.
Firefox Monitor is just the start
Mozilla claims Firefox Monitor is just one of the new data and privacy features it plans to come up with in the next few months. Users today are more and more concerned about their privacy, and Mozilla wants to benefit from this by giving them a tool that could help reduce their concerns.
“This is the first phase of Firefox Monitor to help all consumers be more aware of when they are involved with data breaches. We plan to have more features rolled out in the next couple of months for Firefox,” Mozilla said.
Mozilla is the not the only browser focusing on user security. Rival Google Chrome is also beefing up features to fix issues with loose passwords. Recently, Chrome added a password generator directly in the browser to help users create secure passwords.
Along with checking your email ID for a data breach, Hunt also has a feature to check if the password you are using is among those which have already been decoded. Hunt’s Pwned Passwords service allow users to check if their password is among the 517.2 million passwords collected from real-world data breaches. Such a feature could be a useful add-on for any browser to steer users away from compromised or weak passwords.