Mozilla to embed Have I Been Pwned in new security system

By on
Mozilla to embed Have I Been Pwned in new security system

Mozilla has just unveiled an exciting new upgrade set to debut in future versions of Firefox: a security tool driven by Troy Hunt's "Have I Been Pwned" (HIBP) database.

The overhaul is not unprecedented - back in November 2017, the company announced it would inform users when their accounts had been breached by using the accessible breach API on HIPB. However, this meant users were only notified as and when they visited a breached site. Until now. Mozilla's new system will fully integrate Hunt's lauded HIBP tool into an entirely new site, the ominously named but well-intentioned Firefox Monitor.

The new secondary website will permit users to enter an email address into the database, in order to glean not just whether or not their account was part of a data breach, but if so, to what extent. What's more, users will be offered tailored security recommendations in order to help them shore up their account security.

As a cautionary measure, the tool is being extended to around 250,000 primarily US users, although will no doubt face expansion if well-received. It's a work-in-progress as of yet, and Mozilla is collaborating with HIBP and Cloudflare in order to conceive a method of anonymous data sharing in a bid to ensure ethical data handling and respect of users' privacy.

For his part, Hunt seems enthusiastic. In a blog post entitled "We're Baking Have I Been Pwned into Firefox and IPassword", he said: "This is major because Firefox has an install base of hundreds of millions of people which significantly expands the audience that can be reached once this feature rolls out to the mainstream."

Meanwhile, Mozilla stressed the necessity of such a tool: "From shopping to social media, the average online user will have hundreds of accounts requiring passwords," company spokesperson Peter Dolanjski asserted in a blog post. "At the same time, the number of user data breaches occurring each year continues to rise dramatically [...] We decided to address a growing need for account security by developing Firefox Monitor."

Worried about your increasingly unwieldy portfolio of online accounts? You're certainly not alone. If you can't wait to find out if your passwords are safe, you could just visit the site without Firefox, of course.

This article originally appeared at itpro.co.uk

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © ITPro, Dennis Publishing
Tags:

Most Read Articles

You must be a registered member of CRN to post a comment.
| Register

Poll

What's your top marketing tactic for 2020?
Long lunches with customers and prospects
Content marketing to drive website visits
Social media
More use of CRM
Word of mouth
Online ads
View poll archive

Log In

Username / Email:
Password:
  |  Forgot your password?