Firefox Monitor, What it is, How it Works and How it Helps You Learn More about Data Theft

125

Mozilla launches a service identical to Have I been pwned (based on its database) to help users become aware of the problem related to data theft, secure and unique passwords, and the use of solutions for two-factor authentication.Over time, we have repeatedly reported attackers, with the consequent theft of personal data, which involved online service providers at various levels.

We also told you about Have I Been Pwned, a tool that allows you to know if your email addresses had been involved in some data theft on servers administered by third parties ( data breach ).

Have I been Pwned, as noted several times, does not indicate a violation possibly suffered by the user account itself, but rather whether one’s data (email addresses, passwords, credit card numbers, addresses, and other confidential information) may be looted in the course of some successful attack on some provider?

Suppose you have used a Gmail account to register on a cloud service (other than those that Google makes available) that allows online content sharing. It is assumed that this second service is subject to a cyber attack with the consequent theft of data: if the same access password is not used on the Gmail account, its content is safe while the data provided to the service may not be. Third-party cloud.

Firefox Monitor, What it is, How it Works and How it Helps You Learn More about Data Theft

What is fundamental is to use secure passwords to register on any service and refrain from reusing the same passwords on multiple services.

As we anticipated some time ago, Mozilla has signed a partnership with the author of Have I Been Pwned and today launched the new Firefox Monitor service.

Compared to Have I Been Pwned, there is nothing different, at least at present.

By pointing your browser to the Firefox Monitor home page and entering your email addresses in the search box, you can check the email accounts appearing in some previous data breach.

The database from which Firefox Monitor draws is the same as Have I Been Pwned: it will benefit from all future updates.

As in the case of have I been pwned and Pwned Passwords, even Firefox Monitor does not manage the user’s email address as it is but generates a hash of it which is subsequently compared with what is present in the database. In this way, the user can be sure that not even his email address can be shared with third parties.

By clicking on the Signup button, you can receive an email directly from Mozilla if new references to your accounts appear in the Have I been pwned database.

In case Firefox Monitor shows the message “Your accounts were compromised in the following breaches, “it is good to perform some steps:

Third parties stole-Check-in which data breaches your data.

  • Change the password used to access the service in question.
  • Activate if possible two-factor authentication on this service.
  • Ensure that the same password is not used to authenticate to other services to which you were previously or subsequently recorded.
  • Change passwords immediately on services where you were using the same credentials.
  • Make sure you are using long and complex passwords.
  • Enable two-factor authentication on the services that allow you to do so.

At this point, it remains to be understood how Firefox Monitor will eventually be integrated into the foundation’s browser: perhaps you are thinking of providing a notification to the user when he enters an email address involved in some data theft?