Mozilla to embed Have I Been Pwned in new security system

The tool will use Troy Hunt's system to detect accounts embroiled in known data breaches

Mozilla has just unveiled an exciting new upgrade set to debut in future versions of Firefox: a security tool driven by Troy Hunt's "Have I Been Pwned" (HIBP) database.

The overhaul is not unprecedented - back in November 2017, the company announced it would inform users when their accounts had been breached by using the accessible breach API on HIPB. However, this meant users were only notified as and when they visited a breached site. Until now. Mozilla's new system will fully integrate Hunt's lauded HIBP tool into an entirely new site, the ominously named but well-intentioned Firefox Monitor.

The new secondary website will permit users to enter an email address into the database, in order to glean not just whether or not their account was part of a data breach, but if so, to what extent. What's more, users will be offered tailored security recommendations in order to help them shore up their account security.

As a cautionary measure, the tool is being extended to around 250,000 primarily US users, although will no doubt face expansion if well-received. It's a work-in-progress as of yet, and Mozilla is collaborating with HIBP and Cloudflare in order to conceive a method of anonymous data sharing in a bid to ensure ethical data handling and respect of users' privacy.

For his part, Hunt seems enthusiastic. In a blog post entitled "We're Baking Have I Been Pwned into Firefox and IPassword", he said: "This is major because Firefox has an install base of hundreds of millions of people which significantly expands the audience that can be reached once this feature rolls out to the mainstream."

Meanwhile, Mozilla stressed the necessity of such a tool: "From shopping to social media, the average online user will have hundreds of accounts requiring passwords," company spokesperson Peter Dolanjski asserted in a blog post. "At the same time, the number of user data breaches occurring each year continues to rise dramatically [...] We decided to address a growing need for account security by developing Firefox Monitor."

Worried about your increasingly unwieldy portfolio of online accounts? You're certainly not alone. If you can't wait to find out if your passwords are safe, you could just visit the site without Firefox, of course.

Featured Resources

Five lessons learned from the pivot to a distributed workforce

Delivering continuity and scale with a remote work strategy

Download now

Connected experiences in a digital transformation

Enable businesses to meet the demands of the future

Download now

Simplify to secure

Reduce complexity by integrating your security ecosystem

Download now

Enhance the safety and security of your people, assets and operations

Enable a true vision of security with an engineered solution based on hyperconverged and storage platforms

Download now

Recommended

'Largest ever' Magecart hack compromises 2,000 online stores
hacking

'Largest ever' Magecart hack compromises 2,000 online stores

15 Sep 2020
Infocyte integrates with Palo Alto Networks Cortex XSOAR
cyber security

Infocyte integrates with Palo Alto Networks Cortex XSOAR

19 Aug 2020
Andrew Daniels joins Druva as CIO and CISO
Cloud

Andrew Daniels joins Druva as CIO and CISO

22 Jul 2020
University of California gets fleeced by hackers for $1.14 million
ransomware

University of California gets fleeced by hackers for $1.14 million

30 Jun 2020

Most Popular

Accenture ploughs $3 billion into cloud migration support group
digital transformation

Accenture ploughs $3 billion into cloud migration support group

17 Sep 2020
Google Pixel 4a review: A picture-perfect package
Google Android

Google Pixel 4a review: A picture-perfect package

18 Sep 2020
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

16 Sep 2020