Mozilla's engineers are working on a Firefox Alert System, which will show security warnings to users visiting websites that have infringed data.
The alert system will use the data contained in the Have I Been Pwned, a website that includes all known data breaches, and has a search for users who want to see if there are personal information (name, password) on those violations.
Jobs for this project have just begun, and the source code for displaying these warnings is not even included in the basic Firefox code but works separately as an add-on.
"[Breach Alerts] is an addon I'm going to use to prototype an upcoming Firefox feature that alerts users when their credentials may be involved in a data breach," said Mozilla engineer Nihanth Subramanya. description of the add-on.
The code of this add-on is available in GitHub and anyone who wants it can do a compile to get it to Firefox. Please note that only Firefox Developer Edition is currently supported.
The add-on is still in early stages of development and alerts are currently enabled when the user visits a site that is included in the Have I Been Pwned public violation list.
This new warning system will surely shake off the companies that have been tampered with. Have I Been Pwned can offer the same service, but it's not the same. It's very different to display this information from a browser that uses millions of users and shows violations that have happened years ago.
"I'm working with Mozilla on this," said Troy Hunt, the researcher behind Have I Been Pwned.
"We're looking at a few different models of how it might work, but the main achievement is that we intend to display warnings about data that has been directly exposed by the browser," says Hunt.
One thing is for sure that the Mozilla Foundation should pay special attention to how it will display the warnings. It should focus less on the security incident and put more emphasis on encouraging users to change their credentials on infringing websites.
See the add-on Breach Alerts