Saturday, June 6, 2020
  • Why Active Directory Struggles with Remote Work
  • D-Day, Operation Overlord, June 6, 1944
  • The Capital One Data Breach a Year Later: A Look at What Went Wrong and Practical Guidance to Avoid a Breach of Your Own
  • True IT Stories: Creative WFH Solutions
  • Evasion Tactics in Hybrid Credit Card Skimmers

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
    • News Releases
  • Security Bloggers Network
    • Latest Posts
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming
    • On-Demand
  • Chat
    • Security Boulevard Chat
    • Marketing InSecurity Podcast
  • Library
  • Related Sites
    • MediaOps Inc.
    • DevOps.com
    • Container Journal
    • Digital Anarchist
    • SweetCode.io
  • Media Kit

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
  • Humor
SBN News Security Bloggers Network 

Home » Cybersecurity » SBN News » Mozilla Rolls Out Two-Step Verification for Firefox Accounts

Mozilla Rolls Out Two-Step Verification for Firefox Accounts

by David Bisson on May 23, 2018

Mozilla announced the rollout of two-step verification (2SV) as an optional security feature for all Firefox user accounts.

The engineers at Mozilla Foundation designed the feature without support for SMS-based codes. They likely did so for the same reasons as Twitter when it moved away from this form of verification in December 2017. Criminals previously found ways to steal users’ SMS text messages, thereby enabling attackers to compromise 2SV-protected accounts. This vulnerability led Twitter to make a change in how it handles login verification.

At the time of this writing, Mozilla’s 2SV feature worked with the support of three authentication mobile apps: Google Authenticator, Duo Mobile and Authy 2-Factor Authentication. It’s unknown whether Mozilla intends to add support for additional applications.

Users who’d like to protect their Firefox accounts with two-step verification should download one of the supported authentication mobile apps from their smartphone’s official app store. They should then click the menu button in Mozilla’s Firefox browser, go to preferences and expand the Two-step authentication section. Alternatively, they can visit https://accounts.firefox.com/settings?showTwoStepAuthentication=true.

When the Two-step authentication section appears, users will have the option of enabling the feature. Clicking the “Enable” button will subsequently display a QR code. Users must scan this code with their authentication mobile apps to add their Firefox accounts.

With that process complete, they will need to obtain obtain a six-digit code from their app and use it to confirm setup. They should then save the 10 recovery codes provided by Firefox in a safe location in case they ever lose access to their authentication mobile app.

The setup process for 2SV on Firefox accounts. (Source: Bleeping Computer)

Going forward, when users attempt to log in to their Firefox accounts, they’ll need to generate a one-time passcode using their verified account on their authentication (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by David Bisson. Read the original post at: https://www.tripwire.com/state-of-security/latest-security-news/mozilla-rolls-out-two-step-verification-for-firefox-accounts/

May 23, 2018May 23, 2018 David Bisson Firefox, Latest Security News, Mozilla
  • ← GUEST ESSAY: DHS tackles supply-chain issues over malware-laden smartphones
  • RSA Report: Mobile App Fraud Transactions Increased Over 600 Percent in Three Years →

TechStrong TV – Live Streaming

TechStrong TV - All Episodes

The Adventures of Microservice - Latest Episode

Risk Mitigation

Subscribe to our Newsletters

Get breaking news, free eBooks and upcoming events delivered to your inbox.
  • View Security Boulevard Privacy Policy

Most Read on the Boulevard

Identity Theft, Fraud Exploding in 2020 
Is Your Company Ready for SOAR?
Assessing Security Protocols During Remote Work
Challenges of a New CISO: The First Year
Automation: Helping Speed Vulnerability Response
Encryption = Privacy ≠ Security
Cyber Security Roundup for June 2020
How to Find & Fix WordPress Pharma Hack
8 Most Common Attack Vectors
CCPA enforcement begins in July – and this time it’s for real

Upcoming Webinars

Wed 17

Threat-Informed Defense: Transforming the Security Organization As We Know It

June 17 @ 3:00 pm - 4:00 pm
Jul 01

How I Achieved Security Discipline and Governance Across AWS, Azure, and GCP

July 1 @ 3:00 pm - 4:00 pm

More Webinars

Download Free eBook

7 Must-Read eBooks for Security Professionals

Recent Security Boulevard Chats

  • Cloud, DevSecOps and Network Security, All Together?
  • Security-as-Code with Tim Jefferson, Barracuda Networks
  • ASRTM with Rohit Sethi, Security Compass
  • Deception: Art or Science, Ofer Israeli, Illusive Networks
  • Tips to Secure IoT and Connected Systems w/ DigiCert

Industry Spotlight

Why Ransomware Isn’t Going Away Anytime Soon
Cybersecurity Industry Spotlight Security Boulevard (Original) Threats & Breaches 

Why Ransomware Isn’t Going Away Anytime Soon

June 5, 2020 Todd Wade | Yesterday 0
Automation: Helping Speed Vulnerability Response
Cybersecurity Incident Response Industry Spotlight Security Boulevard (Original) 

Automation: Helping Speed Vulnerability Response

June 4, 2020 Barbara Kay | 2 days ago 0
Challenges of a New CISO: The First Year
CISO Suite Cybersecurity Industry Spotlight Security Boulevard (Original) 

Challenges of a New CISO: The First Year

June 3, 2020 Jason Hicks | 3 days ago 0

Top Stories

Who’s DDoSing Anti-Racism Groups?
Analytics & Intelligence Cybersecurity Featured News Security Boulevard (Original) Spotlight Threat Intelligence Threats & Breaches Vulnerabilities 

Who’s DDoSing Anti-Racism Groups?

June 5, 2020 Richi Jennings | Yesterday 0
Zoom’s New Model is Making Heads Hurt
Application Security Cloud Security Cybersecurity Data Security Featured Governance, Risk & Compliance News Security Boulevard (Original) Spotlight 

Zoom’s New Model is Making Heads Hurt

June 1, 2020 Richi Jennings | Jun 01 0
NSA: Russia Hacking U.S. Firms, via Old Exim Flaw
Analytics & Intelligence Cybersecurity Featured Identity & Access Network Security News Security Boulevard (Original) Spotlight Threat Intelligence Threats & Breaches Vulnerabilities 

NSA: Russia Hacking U.S. Firms, via Old Exim Flaw

May 29, 2020 Richi Jennings | May 29 0

Security Humor

Via   the  Comic Noggins  of  Nitrozac   and   Snaggy   at   The Joy of Tech® !

The Joy of Tech® ‘How Do I Quit Thee?’

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: info@securityboulevard.com

Useful Links

  • About
  • Media Kit
  • Sponsors Info
  • Copyright
  • TOS
  • Privacy Policy
  • DMCA Compliance Statement

Other Mediaops Sites

  • Container Journal
  • DevOps.com
  • DevOps Connect
  • DevOps Institute
Copyright © 2020 MediaOps Inc. All rights reserved.
Our website uses cookies. By continuing to browse the website you are agreeing to our use of cookies. For more information on how we use cookies and how you can disable them, please read our Privacy Policy.