When your account has been accessed by an intruder it is very difficult to know whether someone has hacked it. Knowing you have been digitally compromised is a hard thing. That is one of the main reason Mozilla partnered with Cloudflare and Have I Been Pwned? (HIBP) on a new Firefox Monitor security tool that guarantees to securely check to find out if your accounts have been hacked.
HIBP permits you to provide your email address to check if it is present in databases publicly released by hackers. Firefox Monitor makes searching HIBP even more secure and to expand the service’s audience to millions of people.
Firefox Monitor was also designed to prevent third parties from memorizing your email address as you search, so no one will know you’re afraid you’ve been attacked.
Mozilla reports that to begin with it had planned to test Firefox Monitor with around 500,000 people, mostly in the U.S., and it will be limited to the experimental Firefox Quantum browser. Later on, it will be expanded to all Firefox users after checking how the first iteration of the tool works out.
Troy Hunt, creator and operator of HIBP discussed the Mozilla partnership in his blog post.
“I’m really happy to see Firefox integrating with HIBP in this fashion, not just to get it in front of as many people as possible, but because I have a great deal of respect for their contributions to the technology community. In particular, Mozilla was instrumental in the birth of Let’s Encrypt, the free and open certificate authority that’s massively increased the adoption of HTTPS on the web. Arguably, the work done by Mozilla’s Josh Aas and Eric Rescorla (still the Mozilla CTO today) has been one of the greatest contributions to online privacy and security we’ve seen, and Mozilla remains a platinum sponsor to this day.”
He mentioned that HIBP has also been integrated in the online version of 1Password, a password manager available on macOS, Windows and mobile devices. The utility was included as part of 1Password’s Watchtower feature, that focuses on helping the app’s users to check if their passwords are secure, and are hopeful to expand to the desktop versions of 1Password after the online implementation helps the developers work out the kinks.
The expansion of HIBP are likely to make it easier for people to find out if they’ve been affected by a data breach. Companies have become better about informing their users about breaches even then they are not perfect which gives people more ways to investigate their own security is always welcomed.