If you’ve been ‘pwned,’ Firefox will let you know. After beta testing the new Firefox Monitor service this summer, Firefox is finally rolling out its credential monitoring tool to all users. Firefox Monitor, which is based on security researcher Troy Hunt’s Have I Been Pwned (HIP) database, will notify you if it spots your email address on the dark web. By alerting users when their credentials are found on the dark web, Firefox hopes that the Monitor service will motivate vigilant consumers to change their passwords to avoid an even larger data breach.
It should be noted that the service is free to all users, and Firefox Monitor, despite the name, isn’t restricted to users of the Firefox browser. Users can type monitor.firefox.com into any browser of choice to enroll in the service. Once you’re on the Firefox Monitor webpage, you can enter your email address. Firefox Monitor will check your email against the database of Have I Been Pwned to see if it’s found on the dark web.
“We’ll let you know if your email address and/or personal info was involved in a publicly known past data breach,” Firefox said in a blog post. “Once you know where your email address was compromised you should change your password and any other place where you’ve used that password.”
As part of Have I Been Pwned, Hunt has collected nearly 520 million email addresses to date from real-world breaches. And even though the Firefox Monitor service doesn’t offer more anything more than Hunt’s service, Firefox hopes that it could leverage its more recognizable name to bring more awareness to the topic.
Even if your email address isn’t found on databases compiled from existing or past breaches, Firefox Monitor will continue to scan your email for future breaches. If you’re a victim in the future, the service will let you know when it learns about it. By being informed of a hack, users can take proactive measures to ensure that their login credentials are safe.
As a general precaution, users can take steps like using unique and complex passwords for each individual site they visit, changing their passwords regularly, and using a password manager to manage all their passwords. Additional security steps include enabling two-factor or multi-factor authentication or using a security key.
“Firefox Monitor is just one of many things we’re rolling out this fall to help people stay safe while online,” the company said. “Recently, we announced our road map to anti-tracking and in the next couple of months, we’ll release more features to arm and protect people’s rights online.”
