New Security Features in Firefox 70
Firefox 70, which is expected to be released in October this year, will notify users if the saved login credentials were part of any data breach. Secondly, it will also prompt users if they have landed on an insecure page. The company has partnered with popular data breach site, Have I Been Pwned, to notify users if their saved logins were found in data breaches. First, Firefox browser will scan all the saved login credentials and check if any of them listed on Have I Been Pwned. To start with, Firefox will scan the saved login credentials to see if they were exposed in a data breach listed on Have I been Pwned. If one is found, the browser will alert the user and suggest him/her change the password. To let the whole process work smoothly, Mozilla will integrate their Firefox Monitor service and the new Firefox Lockwise password manager into the Firefox browser. Furthermore, Mozilla will also add an alert icon next to the account profile in Firefox Lockwise. You can click on the saved login to access the subpanel that displays an alert that the “Passwords were leaked or stolen” as part of a data breach. Firefox users will get a ‘protection report’ containing data breaches details where login credentials are will be involved in. After Google, Mozilla has also decided to show ‘not secure’ label for all HTTP web pages starting from Firefox 70. Earlier, Firefox was only showing ‘not secure’ for HTTP pages that contained forms or log in fields. According to a report by ZDNet, “Mozilla argued that since more than 80% of all internet pages are now served via HTTPS, users don’t need a positive indicator for HTTPS anymore, but a negative one for HTTP connections.” “In desktop Firefox 70, we intend to show an icon in the ‘identity block’ (the left-hand side of the URL bar which is used to display security/privacy information) that marks all sites served over HTTP (as well as FTP and certificate errors) as insecure,“ Firefox developer Johann Hofmann said. Mozilla started working on these developments along with the addition of flags in the about:config section in December 2017. “This is an excellent move by Mozilla and a step in the direction to have a secure by default web”. There are many who still do not realize the potential implications of using sites over HTTP,” said Sean Wright and infosec researcher to Forbes. Also Read: Mozilla Launches Firefox Send: A Free Encrypted File Sharing Service Wright has also warned the users that even you are browsing an HTTPS site, it does not mean you are fully secured. These sites may also be attacked or hackers can purchase the certificates to mark a website as ‘secure’. Hence, you have to be cautious while sharing your sensitive credentials on any website. Anyway, how often you use the Firefox browser? Do let us know in the comments below.