Firefox Monitor gets resolve feature
Firefox Monitor is a service by Firefox maker Mozilla that allows anyone to check whether an email address or username has been part of a data breach. Mozilla launched Firefox Monitor back in 2018 and integrated the service into the Firefox web browser in the same year.
Anyone may open the Firefox Monitor website to check an email address for breaches and to set up the service to receive emails when account information is found in new data leaks.
Users who sign-up using a Firefox Account -- sign-up is free -- get additional features on top of that. One of the latest features that Mozilla added to the service is a resolve option that you may use to mark any breach as resolved; this is useful to keep an overview of breaches.
Resolved in this context means that you have taken countermeasures to invalidate the leaked password, e.g. by changing the password, closing the account or by enabling two-factor authentication if available.
The new option is highlighted on the dashboard currently. When you scroll down on the page and look at any of the services your data leaked from, you find a new option to mark the breach as resolved. Doing so hides the leak from the dashboard and puts a nice progress bar at the top that indicates the issues that you resolved in percent.
Once you’ve taken the steps you can to address this breach, you can mark it as resolved. You can still access details about the breach from your dashboard at any time.
The general handling of leaked passwords does not change. You should change the account password asap and make sure that you have not used the same email and password combination at other sites; if you have, you should change the password on these sites as well and consider setting up two-factor authentication if available.
Password managers like KeePass help you generate secure unique passwords for each service and store everything securely.
Closing Words
The new option to mark breaches as resolved is useful as it helps with keeping an overview of breaches and separating resolved from unresolved data leaks.
Now You: how do you handle leaks? (via Sören Hentzschel)
> how do you handle leaks?
I use a different password for every service and website I use. For sensitive sites/services, I change that password reasonably frequently. I check HIBP every few months, and if I find a password that I currently use has been leaked, then I’d change it or delete the account. I haven’t had that happen yet, though — so far, every password that has shown up has been a password that I stopped using many months earlier.
Surely an internet browser is exactly that, and should be nothing else from a security/ functionality point of view. I’ve had this neutered for ages along with a few others like pocket and I’m never likely to enable them.
However, the add-ins/ extensions in conjunction with about:config tweaks, have made Firefox a goto browser for the knowledgeable ;)
I don’t like the leaks checker either but not just because it’s bloat: Firefox sending by default data about everybody’s passwords and identifiers to some online service makes me very uncomfortable, even with the k-anonymization techniques used.
This security feature is definitely privacy hostile, like Safebrowsing that informs Google of a big part of downloads by default. Mozilla seems decided to follow the Google design ideology by plugging in as many privacy-questionable online service as possible in their software until we just give up any expectation of fulling knowing what happens to our data when we use it.
@ anonymouse
There are two regular posters on ghacks who would disagree vehemently with you. To them Firefox is the spawn of the devil and should be cast into the fires of hell and you with it !! :)))
Now if you had said that Ungoogled Chromium was the best browser, they would blow you kisses and congratulate you on your wise choice. ;)