Friday, September 20, 2019
  • Win a $100 Gift Card: Take a Brief Survey on Software Composition Analysis
  • Russian SORM/СОРМ ISP Spyware Revealed (by Nokia Grunt)
  • How to protect your company’s backups from ransomware
  • Ransom notes shoot out of school printers but district denies hackers their prize
  • MY TAKE: SMBs can do much more to repel ransomware, dilute disinformation campaigns

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
    • News Releases
  • Security Bloggers Network
    • Latest Posts
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming
    • On-Demand
  • Chat
    • Security Boulevard Chat
    • Marketing InSecurity Podcast
  • Library

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
  • Humor
SBN News Security Bloggers Network 

Home » Cybersecurity » SBN News » Mozilla Rolls Out Two-Step Verification for Firefox Accounts

Mozilla Rolls Out Two-Step Verification for Firefox Accounts

by David Bisson on May 23, 2018

Mozilla announced the rollout of two-step verification (2SV) as an optional security feature for all Firefox user accounts.

The engineers at Mozilla Foundation designed the feature without support for SMS-based codes. They likely did so for the same reasons as Twitter when it moved away from this form of verification in December 2017. Criminals previously found ways to steal users’ SMS text messages, thereby enabling attackers to compromise 2SV-protected accounts. This vulnerability led Twitter to make a change in how it handles login verification.

At the time of this writing, Mozilla’s 2SV feature worked with the support of three authentication mobile apps: Google Authenticator, Duo Mobile and Authy 2-Factor Authentication. It’s unknown whether Mozilla intends to add support for additional applications.

Users who’d like to protect their Firefox accounts with two-step verification should download one of the supported authentication mobile apps from their smartphone’s official app store. They should then click the menu button in Mozilla’s Firefox browser, go to preferences and expand the Two-step authentication section. Alternatively, they can visit https://accounts.firefox.com/settings?showTwoStepAuthentication=true.

When the Two-step authentication section appears, users will have the option of enabling the feature. Clicking the “Enable” button will subsequently display a QR code. Users must scan this code with their authentication mobile apps to add their Firefox accounts.

With that process complete, they will need to obtain obtain a six-digit code from their app and use it to confirm setup. They should then save the 10 recovery codes provided by Firefox in a safe location in case they ever lose access to their authentication mobile app.

The setup process for 2SV on Firefox accounts. (Source: Bleeping Computer)

Going forward, when users attempt to log in to their Firefox accounts, they’ll need to generate a one-time passcode using their verified account on their authentication (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by David Bisson. Read the original post at: https://www.tripwire.com/state-of-security/latest-security-news/mozilla-rolls-out-two-step-verification-for-firefox-accounts/

May 23, 2018May 23, 2018 David Bisson Firefox, Latest Security News, Mozilla
  • ← GUEST ESSAY: DHS tackles supply-chain issues over malware-laden smartphones
  • RSA Report: Mobile App Fraud Transactions Increased Over 600 Percent in Three Years →

Subscribe to our Newsletters

Get breaking news, free eBooks and upcoming events delivered to your inbox.
  • View Security Boulevard Privacy Policy

Most Read on the Boulevard

Russia ‘Breached’ FBI Comms; Obama Waited 4 Years To Expel Spies
5 Signs of a Privileged Access Abuser
Who’s Financially Responsible for Cybersecurity Breaches?
Why You Need a Cyber Hygiene Program: Q&A with Alert Logic’s Jack Danahy
Avoid Bad Security Buying Decisions
Large Applications, Monoliths — Struggling with code analysis? Read on!
Alissa Knight talks API security, formjacking and hacking | Cyber Work Podcast
52% of UK Businesses Risk Hefty Fines under GDPR
WhatsApp ‘Delete for Everyone’ feature potentially puts user privacy at risk
Operation ReWired arrests 281 Business Email Compromise criminals

Upcoming Webinars

Mon 23

The Next Generation of Application Security

September 23 @ 1:00 pm - 2:00 pm
Thu 26

Build Fast, Secure Well: Automate DevSecOps and Secure Your Cloud

September 26 @ 1:00 pm - 2:00 pm
Oct 02

Taking Open Source Security to the Next Level

October 2 @ 11:00 am - 12:00 pm
Oct 08

Don’t Get Stuck in The Encryption Stone Age

October 8 @ 1:00 pm - 2:00 pm
Oct 21

Open Source Security – Weighing the Pros and Cons

October 21 @ 1:00 pm - 2:00 pm
Nov 18

Scaling DevSecOps

November 18 @ 1:00 pm - 2:00 pm
Dec 09

Cloud Security – Keeping Serverless Data Safe

December 9 @ 11:00 am - 12:00 pm

More Webinars

Download Free eBook

The Second Wave of IT Security: How Today’s Leaders See the Future

Recent Security Boulevard Chats

  • Cloud, DevSecOps and Network Security, All Together?
  • Security-as-Code with Tim Jefferson, Barracuda Networks
  • ASRTM with Rohit Sethi, Security Compass
  • Deception: Art or Science, Ofer Israeli, Illusive Networks
  • Tips to Secure IoT and Connected Systems w/ DigiCert

Industry Spotlight

Debunking the 5 Biggest Cloud Security Myths
Cloud Security Cybersecurity Industry Spotlight Security Boulevard (Original) 

Debunking the 5 Biggest Cloud Security Myths

September 20, 2019 Josh Stella | 8 hours ago 0
CLOUD Act, GDPR Changing Data Protection Game
Cybersecurity Governance, Risk & Compliance Industry Spotlight Security Boulevard (Original) 

CLOUD Act, GDPR Changing Data Protection Game

September 19, 2019 Mark Neufurth | Yesterday 0
Skill Sets for Transitioning into a Cybersecurity Career
Careers Cybersecurity Industry Spotlight Security Boulevard (Original) 

Skill Sets for Transitioning into a Cybersecurity Career

September 18, 2019 Joseph Feiman | 2 days ago 0

Top Stories

Russian SORM/СОРМ ISP Spyware Revealed (by Nokia Grunt)
Cyberlaw Cybersecurity Endpoint Featured News Security Boulevard (Original) Spotlight Threats & Breaches Vulnerabilities 

Russian SORM/СОРМ ISP Spyware Revealed (by Nokia Grunt)

September 20, 2019 Richi Jennings | 2 hours ago 0
Russia ‘Breached’ FBI Comms; Obama Waited 4 Years To Expel Spies
Analytics & Intelligence Cybersecurity Featured News Security Boulevard (Original) Spotlight Threat Intelligence 

Russia ‘Breached’ FBI Comms; Obama Waited 4 Years To Expel Spies

September 17, 2019 Richi Jennings | 3 days ago 0
Simjacker: Silly Name, Scary Game
Cybersecurity Endpoint Featured IoT & ICS Security Malware Mobile Security News Security Boulevard (Original) Spotlight Threats & Breaches Vulnerabilities 

Simjacker: Silly Name, Scary Game

September 13, 2019 Richi Jennings | Sep 13 0

Security Humor

via  the comic delivery system monikered  Randall Munroe  at  XKCD !

XKCD, Ksp 2

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: info@securityboulevard.com

Useful Links

  • About
  • Media Kit
  • Sponsors Info
  • Copyright
  • TOS
  • Privacy Policy

Other Mediaops Sites

  • Container Journal
  • DevOps.com
  • DevOps Connect
  • DevOps Institute
Copyright © 2019 MediaOps Inc. All rights reserved.

Our website uses cookies. By continuing to browse the website you are agreeing to our use of cookies. For more information on how we use cookies and how you can disable them, please read our Privacy Policy.