Browser-maker Mozilla has made good on the promise of a partnership with security researcher Troy Hunt, launching a service to alert users if their email addresses and passwords have been disclosed as part of a breach tracked by Hunt's Have I Been Pwned service.
Mozilla and security researcher Troy Hunt, whose Have I Been Pwned service allows users to receive alerts if their email addresses have been found in leaked password lists disseminated following breaches on large service providers, confirmed a partnership to bring enhanced security to Firefox earlier this year. Following a period of testing, the pair have now announced the result: Firefox Monitor, a web service which checks accounts against the Have I Been Pwned database.
Considering Mozilla makes its own web browser, though, the lack of integration may come as a surprise to many: While it was expected that Mozilla would launch an update to Firefox or an add-on compatible with same that would automatically compare users' credentials against the database, it has instead opted to launch a stand-alone web service - and one which effectively duplicates the capabilities of Hunt's Have I Been Pwned under Firefox branding.
The Firefox Monitor system, like Have I Been Pwned itself, works on two levels: Users can enter an email address for a one-off scan against the leaked credentials database; alternatively, users can sign up in order to have addresses automatically scanned against the database each time a new breach is discovered and receive an email report. Signing up also registers the user for 'safety tips from Firefox monitor', though the option to also receive Mozilla and Firefox newsletters is deselected by default.