Monday, September 25, 2023

Security Boulevard Logo

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
    • News Releases
  • Security Bloggers Network
    • Latest Posts
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming Webinars
    • Calendar View
    • On-Demand Webinars
  • Events
    • Upcoming Events
    • On-Demand Events
  • Sponsored Content
  • Chat
    • Security Boulevard Chat
    • Marketing InSecurity Podcast
    • Techstrong.tv Podcast
    • TechstrongTV - Twitch
  • Library
  • Related Sites
    • Techstrong Group
    • Cloud Native Now
    • DevOps.com
    • Security Boulevard
    • Techstrong Research
    • Techstrong TV
    • Techstrong.tv Podcast
    • Techstrong.tv - Twitch
    • Devops Chat
    • DevOps Dozen
    • DevOps TV
  • Media Kit
  • About
  • Sponsor

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
  • Humor
Hot Topics
  • Axiad and Okta Partner to Revolutionize Authentication with Phishing Resistant MFA
  • Cyber Week 2023 & The Israel National Cyber Directorate Presents - Watch Live: Cyber - Week 2023 - Main Plenary, Day 2
  • Data Breaches from MOVEit Zero-Day Still Piling Up
  • Unlock Cyber Security as a Service: 2023 Insights!
  • More iOS Zero Days, More Mercenary Spyware — This Time: Cytrox Predator
SBN News Security Bloggers Network 

Home » Cybersecurity » SBN News » Mozilla Rolls Out Two-Step Verification for Firefox Accounts

SBN

Mozilla Rolls Out Two-Step Verification for Firefox Accounts

by David Bisson on May 23, 2018

Mozilla announced the rollout of two-step verification (2SV) as an optional security feature for all Firefox user accounts.

AWS Builder Community Hub

The engineers at Mozilla Foundation designed the feature without support for SMS-based codes. They likely did so for the same reasons as Twitter when it moved away from this form of verification in December 2017. Criminals previously found ways to steal users’ SMS text messages, thereby enabling attackers to compromise 2SV-protected accounts. This vulnerability led Twitter to make a change in how it handles login verification.

At the time of this writing, Mozilla’s 2SV feature worked with the support of three authentication mobile apps: Google Authenticator, Duo Mobile and Authy 2-Factor Authentication. It’s unknown whether Mozilla intends to add support for additional applications.

Users who’d like to protect their Firefox accounts with two-step verification should download one of the supported authentication mobile apps from their smartphone’s official app store. They should then click the menu button in Mozilla’s Firefox browser, go to preferences and expand the Two-step authentication section. Alternatively, they can visit https://accounts.firefox.com/settings?showTwoStepAuthentication=true.

When the Two-step authentication section appears, users will have the option of enabling the feature. Clicking the “Enable” button will subsequently display a QR code. Users must scan this code with their authentication mobile apps to add their Firefox accounts.

With that process complete, they will need to obtain obtain a six-digit code from their app and use it to confirm setup. They should then save the 10 recovery codes provided by Firefox in a safe location in case they ever lose access to their authentication mobile app.

The setup process for 2SV on Firefox accounts. (Source: Bleeping Computer)

Going forward, when users attempt to log in to their Firefox accounts, they’ll need to generate a one-time passcode using their verified account on their authentication (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by David Bisson. Read the original post at: https://www.tripwire.com/state-of-security/latest-security-news/mozilla-rolls-out-two-step-verification-for-firefox-accounts/

May 23, 2018May 23, 2018 David Bisson Firefox, Latest Security News, Mozilla
  • ← GUEST ESSAY: DHS tackles supply-chain issues over malware-laden smartphones
  • RSA Report: Mobile App Fraud Transactions Increased Over 600 Percent in Three Years →

Techstrong TV – Live

Click full-screen to enable volume control
Watch latest episodes and shows

Upcoming Webinars

Thu 28

A Guide to Smart Dependency Management

September 28 @ 12:00 pm - 1:00 pm
Oct 03

Way Too Vulnerable: Uncovering the State of the Identity Attack Surface

October 3 @ 11:00 am - 12:00 pm
Oct 11

ASPM: Leveling the AppSec Playing Field

October 11 @ 1:00 pm - 2:00 pm
Oct 16

Shadow Access: Where IAM Meets Cloud Security

October 16 @ 3:00 pm - 4:00 pm
Oct 17

Securing Cloud-Native Applications Across the Software Development Life Cycle

October 17 @ 11:00 am - 12:00 pm
Oct 18

Live Workshop on ‘SCA 2.0’: Using Runtime Analysis to Find High-Risk SCA Vulnerabilities

October 18 @ 12:00 pm - 1:30 pm
Oct 19

Managing Security Posture and Entitlements in the Cloud

October 19 @ 1:00 pm - 2:00 pm
Oct 24

When Seconds Matter: Real-Time Cloud Security With AWS and Sysdig

October 24 @ 11:00 am - 12:00 pm
Oct 24

Reporting From the Pipeline: The State of Software Security in DevOps

October 24 @ 1:00 pm - 2:00 pm
Oct 30

Zero-Trust

October 30 @ 1:00 pm - 2:00 pm

More Webinars

Subscribe to our Newsletters

TSTV Podcast

Most Read on the Boulevard

GitLab Releases Urgent Security Updates for Critical Flaw
How Threat Hunting can Strengthen Your Cybersecurity Posture
Gaming, Financial Services Apps Under Attack
China Accuses US of Years of Cyber-Spying, Malware Campaigns
More iOS Zero Days, More Mercenary Spyware — This Time: Cytrox Predator
Helpdesk Telephone Attack: How to Close Process and Technology Gaps
Improve Your Organization’s Cloud Infrastructure with PeoplActive’s Cloud Consulting Services
A Guide to Understanding the Three CMMC Levels
The Role of AI and Machine Learning in Strengthening Cloud Security
Email Intelligence Dashboard

Download Free eBook

The State of Cloud Native Security 2020

Industry Spotlight

More iOS Zero Days, More Mercenary Spyware — This Time: Cytrox Predator
Analytics & Intelligence API Security Application Security AppSec Cloud Security Cloud Security Cyberlaw Cybersecurity Data Privacy Data Security Deep Fake and Other Social Engineering Tactics Editorial Calendar Endpoint Featured Governance, Risk & Compliance Humor Identity & Access Identity and Access Management Incident Response Industry Spotlight Insider Threats Malware Mobile Security Most Read This Week Network Security News Popular Post Regulatory Compliance Securing the Cloud Securing the Edge Security at the Edge Security Awareness Security Boulevard (Original) Social Engineering Software Supply Chain Security Spotlight Threat Intelligence Threats & Breaches Vulnerabilities Zero-Trust 

More iOS Zero Days, More Mercenary Spyware — This Time: Cytrox Predator

September 25, 2023 Richi Jennings | Yesterday 0
Google: Chromebooks Will Get 10 Years of Software, Security Updates
Application Security Cybersecurity Data Security Endpoint Featured Industry Spotlight Malware Mobile Security Network Security News Security Boulevard (Original) Spotlight 

Google: Chromebooks Will Get 10 Years of Software, Security Updates

September 19, 2023 Jeffrey Burt | Sep 19 0
Group Allegedly Behind MGM, Caesars Attacks is Fairly New to Ransomware
Cloud Security Cybersecurity Data Security Featured Identity & Access Industry Spotlight Malware Mobile Security Network Security News Security Awareness Security Boulevard (Original) Social Engineering Spotlight Threats & Breaches 

Group Allegedly Behind MGM, Caesars Attacks is Fairly New to Ransomware

September 18, 2023 Jeffrey Burt | Sep 18 0

Top Stories

Data Breaches from MOVEit Zero-Day Still Piling Up
Cybersecurity Data Security Featured Incident Response Malware Network Security News Security Boulevard (Original) Spotlight Threats & Breaches 

Data Breaches from MOVEit Zero-Day Still Piling Up

September 25, 2023 Jeffrey Burt | Yesterday 0
Qakbot Takedown Resembles Hack Back, Will Botnet, Malware Be Resurrected?
Analytics & Intelligence Application Security Cyberlaw Cybersecurity Data Security Featured Governance, Risk & Compliance Incident Response Malware News Security Boulevard (Original) Spotlight Threat Intelligence Threats & Breaches Vulnerabilities 

Qakbot Takedown Resembles Hack Back, Will Botnet, Malware Be Resurrected?

September 25, 2023 Teri Robinson | Yesterday 0
China Accuses US of Years of Cyber-Spying, Malware Campaigns
Cybersecurity Data Security Featured Identity & Access Malware Network Security News Security Boulevard (Original) Spotlight Threat Intelligence Threats & Breaches 

China Accuses US of Years of Cyber-Spying, Malware Campaigns

September 22, 2023 Jeffrey Burt | 3 days ago 0

Security Humor

Ahmed El-Tantawy

More iOS Zero Days, More Mercenary Spyware — This Time: Cytrox Predator

Security Boulevard Logo White

DMCA

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: [email protected]

Useful Links

  • About
  • Media Kit
  • Sponsor Info
  • Copyright
  • TOS
  • DMCA Compliance Statement
  • Privacy Policy

Related Sites

  • Techstrong Group
  • Cloud Native Now
  • DevOps.com
  • Digital CxO
  • Techstrong Research
  • Techstrong TV
  • Techstrong.tv Podcast
  • DevOps Chat
  • DevOps Dozen
  • DevOps TV
Powered by Techstrong Group
Copyright © 2023 Techstrong Group Inc. All rights reserved.