From now on, Firefox users will receive a warning if they’re about to visit a recently breached website, which is a notable improvement in the cybersecurity department.
In September, Firefox Monitor was launched, which is a nice way to find out whether a particular email address was involved in a breach. Users are also given the option of signing up to an email alerting service which allows them to be alerted whenever their credentials were included in a breach.
We can expect to see the new features being rolled out in the next couple of weeks.
Here’s how it’s going to work: whenever you land on a website that has been compromised in the past, you will receive a notification. You will also be prompted to visit the Check Firefox Monitor website to see whether you’ve been affected by that breach.
Still, there’s a limit in terms of how long these messages will keep showing up. In other words, if a particular website was breached more than 12 months ago, you will not see any notifications. The notification feature is designed to pull info from the Have I Been Pwned website and only includes websites that have been added to it in the last 12 months.
According to Luke Crouch, Mozilla privacy engineer, this is a reasonable timeframe to alert the users of the unchanged password and password reuse risks. A longer timeframe would simply create unneeded noise around websites that have long since been patched and taken the necessary steps to protect their users.