9 comments

[ 2.0 ms ] story [ 31.1 ms ] thread
> Breach data provided by ⁨Have I Been Pwned⁩

So it's exactly the same as https://haveibeenpwned.com/, except instead of giving hibp your email, you have to create a "Firefox Account".

I guess it comes down to whose 4000-word terms of service you like better.

This same breach info shows up if you open up firefox's password manager (about:logins) and have a saved account.

It's a little less useful, since it won't shoot an email your way. But it's super handy to have a list of accounts/passwords/sites you need to change.

This kind of data shouldn't be accessible by people who do not own the email address..
People who create/release dumps that these tools check tend not to be too focused on account security....
C'mon, there is a difference between breaching into servers and leaking/selling people's data and intentionally making all of that public and accessible through a public API

Give me your email address and I can know your name + address + phone number + history of old passwords + browsing history and more personal data

But who am I to care about that kind of things, screw people right

Yeah let's give the bad guys all the ease of use while we put up obstacles for legitimate users
You misunderstood, I'm not against this service, I'm against making the data available to people who do not own the email address, big difference that people don't seem to understand over here

Wich explain the lack of care for privacy and security in the west, boy 2024 will be fun..

Privacy washing is a thing apparently