Two Platforms Collaborate to Boost Password Security

Firefox & Have I Been Pwned Join Forces

Firefox, one of the top desktop browsers, is partnering with Have I Been Pwned to boost password security.  The browser is enhancing its Firefox Monitor and Lockwise features to notify consumers if their login credentials stored within their browser have been compromised in breaches over the last 12 months. 

The new version of Firefox, deemed Firefox 70, will scan the 8 billion breached email addresses and passwords stored within Have I Been Pwned database. If a match is found, it will alert users their information has been compromised as a result of a data breach. From there, the user will be prompted to change their passwords.

Enhancing Password Security – Is This Enough?

The looming question is still, is this enough to really increase users’ password security?  In a survey conducted by PC Matic, it was shown that 50% of users will only change their passwords if they are forced to do so.  Although this prompt may bring it to users’ attention, the likelihood of them actually taking the steps necessary to change the password is minimal, as it will not actually force them to do so. 

4,508 total views, 6 views today

(Visited 1 times, 1 visits today)

11 thoughts on “Two Platforms Collaborate to Boost Password Security

  1. One thing to avoid is those sites that offer a Password Generator tool.
    Many Hackers are setting up these Websites
    And then they have that newly generated password

  2. Not simple. Pwned reports that I have been pwned, but not on what site, nor whether it matters two hoots. (If somebody wants to steal my password on a site for vintage vacuum cleaners, (and, yes, I had to sign up complete with p/w for this site in the past), they are welcome to it.) I have different p/ws for any site which matters; I have no intention of changing every one of them in case it might be one of them which was hacked, when all that was stolen was my vintage vacuum credentials.

  3. If anyone is interested, Amazon sells all kinds of password (phone) books. From desk size and smaller. I bought one for my whole family as Christmas gifts. (small ones, about 4″ x 6″) I always write my log-in info and web address in pen, then write the password in pencil to make it so much easier to change and keep track of.

  4. Consider applications like RoboForm where passwords are stored safely and are accessible to you only (secured by a master password, of course). I’ve been using it for years and I strongly recommend it.

  5. Random words which are significant to the user, like hospital or pharmacy name, followed by vehicle licence plate – nobody forgets that off their first car.Basically stuff nobody is likely to guess, no algorithm is going to throw up in sequence and hopefully nothing you have stashed on social media. A hacker either human or automated can’t really get inside my memory. (Can it?) Tell me the flaw in that system and I’ll change my ways.

  6. Passwords – the bane of my life.
    If I am on the web I find almost all sites require a login, sighn in, or password.
    Then if I proceed I need to ferret around & find a password that I may not have used in many months.
    Last Pass is what I use to record the password but accessing is time consuming. Often in fact I fail to find the password I want but can never fathom why.

  7. Passwords are like padlocks. They are designed to keep honest people out. This works for the majority of the population. They make it harder for dishonest people to get in. This means the bad guys will have to work harder to get in. This is enough to discourage many of them because the required effort to get in isn’t worth it.

    Any cyber security technique simply raises the effort required to bypass it. If the security raises the cost enough, the bad guys will stay out rather than put in the effort.
    So passwords, even simple ones are adequate protection for many purposes. A four digit password (PIN) will protect a bank card since in addition to the PIN, you need physical access to the card and this is very hard to get undetected unless you use force, and in that case, you will probably be able to convince the user you are robbing to follow the rest of the access procedure. (And of course, if you lose the card, cancelling it will protect your account).
    You only need enough security for the job, and sometimes a short simple password is enough. Other times when the reward for getting in is high and people are willing to invest more effort, better security is needed.

  8. Passwords generally are a bad idea. If you can remember them they are to simple, if complex you have to store them somwhere.
    The sites that use them in plain text are worthless, as the results on the dark web has shown. Why are there no legal requirements for hashing?
    Fingerprint and facial scanners are neither secure. They are just like keys that can be stolen and are like “user names” at best.
    Use of bank tokens should be standard.

  9. I say your add on TV decided to enroll filled out everything could not get order threw I can not find a phone number to talk to some one My phone 979 *** **** and Email below help

    Edited by admin to remove personal details.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.