Mozilla adds alerts about recently breached sites into Firefox browser

by Radu Tyrsina
Radu Tyrsina
Radu Tyrsina
CEO & Founder
Radu Tyrsina has been a Windows fan ever since he got his first PC, a Pentium III (a monster at that time). For most of the kids of... read more
Affiliate Disclosure
windows 10 won't allow firefox as default browser

Firefox has announced that it will start to warn users if they visit any breached sites. This is in an attempt to not only make browsing safer for all but to also make users more aware of safety issues while on the net.

Mozilla is also hoping to make people more aware of the need to use strong passwords and of the need to change passwords more frequently than most people do.

Firefox Will Alert You about Breached Sites

As Mozilla says:

Humans make mistakes, and humans make the Internet. Some online services discover, mitigate, and disclose breaches quickly. Others go undetected for years. Recent breaches include “fresh” data, which means victims have less time to change their credentials before they are in the hands of attackers. While old breaches have had more time to make their way into scripted credential stuffing attacks. All breaches are dangerous to users.

How Will Users Be Warned of Breached Sites?

The plan is that a user will see a breach alert for any site that has been added to Have I Been Pwned (HIBP) in the last 12 months. This will only happen if the user has not seen a breach alert for that site.

After the first alert, a user will only be shown sites that have been added to HIBP two months previously. According to Mozilla, “… this 12-month and 2-month policy are reasonable time frames to alert users to both the password-reuse and unchanged-password risks.

How to Find Out If You Have Been Pwned

I think that it is fair to say that I am the average type of computer user. I’m aware that the internet is not a particularly safe place. Also, I am aware that I need to be cautious of using the same password too often (or ever), and I never store financial information online, unless I know that I have protection from unauthorized withdrawals. However, I thought I would see if anyone had got hold of my own data.

First of all, I went to the Mozilla Security Blog to check out the latest info for breached sites alerts. I then clicked on the link for Firefox Monitor, put in my email address, which is not stored, and got the following results.

breached sites

To be honest, and as I do not repeat passwords, I am not particularly bothered about what the hackers got. There was no financial information on those three breached sites. Plus, I didn’t notice anything untoward happening after the breaches. Having said that, knowing that someone out there may have my personal information is a sobering thought.

Firefox Does Not Tell You If You Have Lost Data

Please note that some sites are reporting that Firefox will alert users if they have been hacked. As far as I am aware, this is not correct.

As can be seen from the image above, Firefox Monitor is only telling me that three breached sites have been attacked. There is no mention that hackers have stolen my specific personal data; although, it is reasonable to think it may have been.

And users will have to check that Firefox Monitor is installed on the browser. This can be done by checking whether extensions.fxmonitor.en exists on about:config. 

Of course, if you are a Firefox user, and for some unknown reasons you don’t want to be alerted about breached sites, you can disable the function in the settings.

Have you started to get alerts while using the Firefox browser? What do you think? Is this a great addition to the overall safety of the internet or an unnecessary intrusion? Let us know in the comments below.


This article covers:Topics: