Mozilla today announced an exciting new feature coming to future versions of Firefox. The feature is a proposed security tool that uses Troy Hunt’s ‘Have I Been Pwned‘ (HIBP) database to scour the web looking for accounts included in known data breaches.
We first learned of a similar feature last November, when Mozilla announced it would be alerting users when their accounts were breached by pulling from the freely accessible breach API on HIBP. This feature was merely a notification system that alerted users when they visited a breached site.
Now, Mozilla is packing the full power of Hunt’s HIBP service into a secondary site, called Firefox Monitor.
The partnership will allow users to enter an email address to see if their account was part of a known breach. If so, Firefox Monitor will let them know the extent of the personal data exposed, as well as offering recommendations on how to secure their account. Mozilla is also considering a service that would notify people when new breaches include their submitted data.
For now, the system is still very much in the planning and testing phases. Mozilla is working with HIBP and Cloudflare to create a method of anonymized data sharing to ensure each users’ privacy is respected, as is the handling of their submitted data.
The plan is to begin rolling out the Firefox Monitor tool next week to around 250,000 users (mainly in the US).
If successful, the plan is to make the service available to all Firefox users down the road.