Mozilla today announced a new recovery option for Firefox accounts in the user system included in the Firefox browser.
From today, users can create a one-day recovery key for their account that they can use to access Firefox data if they have forgotten their passwords.
Firefox user accounts are included in all recent versions of the browser. Most users are aware of the feature due to Firefox Sync, the system that synchronizes browser data such as passwords, browsing history, open tabs, bookmarks, installed add-ons, and general browser settings.
Firefox sync works with the user's account name and password and encrypts browser data directly to the local computer.
Only after encryption the data will be sent to the Mozilla Foundation's servers for storage. Thus no one can access the data without the user's password, which acts as a decryption key. So if Firefox is installed on a new device, no one can download and decrypt the previous browser data without its Firefox account password.
But starting today, the Mozilla Foundation has introduced a new feature called "recovery key" for Firefox accounts. Browser users can create a recovery key, which serves as a secondary decryption key for their data, in case they forget their Firefox account password.
The Firefox recovery key is similar to the recovery codes used by the two-factor authentication settings in most Internet services. Firefox users should store the key (preferably encrypted) somewhere on the internet or on a secondary device.
The Mozilla Foundation reports that a recovery key can only be used once and that users will be able to create a new key after using the previous one. Instructions on how to create these keys can be found in support page of Firefox.