Mozilla to embed Have I Been Pwned in new security system

The tool will use Troy Hunt's system to detect accounts embroiled in known data breaches

Mozilla has just unveiled an exciting new upgrade set to debut in future versions of Firefox: a security tool driven by Troy Hunt's "Have I Been Pwned" (HIBP) database.

The overhaul is not unprecedented - back in November 2017, the company announced it would inform users when their accounts had been breached by using the accessible breach API on HIPB. However, this meant users were only notified as and when they visited a breached site. Until now. Mozilla's new system will fully integrate Hunt's lauded HIBP tool into an entirely new site, the ominously named but well-intentioned Firefox Monitor.

The new secondary website will permit users to enter an email address into the database, in order to glean not just whether or not their account was part of a data breach, but if so, to what extent. What's more, users will be offered tailored security recommendations in order to help them shore up their account security.

As a cautionary measure, the tool is being extended to around 250,000 primarily US users, although will no doubt face expansion if well-received. It's a work-in-progress as of yet, and Mozilla is collaborating with HIBP and Cloudflare in order to conceive a method of anonymous data sharing in a bid to ensure ethical data handling and respect of users' privacy.

Advertisement - Article continues below
Advertisement - Article continues below

For his part, Hunt seems enthusiastic. In a blog post entitled "We're Baking Have I Been Pwned into Firefox and IPassword", he said: "This is major because Firefox has an install base of hundreds of millions of people which significantly expands the audience that can be reached once this feature rolls out to the mainstream."

Meanwhile, Mozilla stressed the necessity of such a tool: "From shopping to social media, the average online user will have hundreds of accounts requiring passwords," company spokesperson Peter Dolanjski asserted in a blog post. "At the same time, the number of user data breaches occurring each year continues to rise dramatically [...] We decided to address a growing need for account security by developing Firefox Monitor."

Worried about your increasingly unwieldy portfolio of online accounts? You're certainly not alone. If you can't wait to find out if your passwords are safe, you could just visit the site without Firefox, of course.

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now


internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

data governance

Brexit security talks under threat after UK accused of illegally copying Schengen data

10 Jan 2020
Microsoft Windows

What to do if you're still running Windows 7

14 Jan 2020
Microsoft Windows

Memes and Viking funerals: The internet reacts to the death of Windows 7

14 Jan 2020
operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020