Last year, we reported Mozilla’s partnership with Have I Been Pwned (HIBP) for a password security tool. After a lengthy silence, the functionality is beginning to roll out, and it’ll be called Firefox Monitor.
The solution will roll out to 250,000 users for testing next week and will take the form of a website. After it gets an email address, Firefox Monitor will cross-reference it with a database of site breaches to check if they’ve been compromised. If it comes back positive, the site will offer recommendations such as password changes.
On the surface, Firefox Monitor doesn’t do much that HIBP doesn’t. However, it’s large install base means an important security tool in the hands of millions and notifications of breaches when they happen. At the same time, it will preserve user’s anonymity and won’t transmit email addresses through any third-parties.
“I’m really happy to see Firefox integrating with HIBP in this fashion, not just to get it in front of as many people as possible, but because I have a great deal of respect for their contributions to the technology community,” said HIBP creator and renowned security professional Troy Hunt.
Password Manager Integration
As well as Firefox, HIBP has integration with popular password manager 1Password. The company integrated the service in February, and recently rolled out the functionality to its desktop apps. Now, the service is integrated directly into its Watchdog service, showing notifications next to every password that has been compromised.
It wouldn’t be unthinkable to see more collaborations like this in the future, expanding the coverage of an essential security service as breaches become more common. For now, though, users of Firefox Quantum should keep an eye out. The functionality will roll out primarily to the US, but should come to other regions soon.