Mozilla has publicized that it now supports two-step authentication for Firefox accounts (also known as two factor or 2FA).
“Starting on 5/23/2018, we are beginning a phased rollout to allow Firefox Accounts users to opt into two-step authentication. If you enable this feature, then in addition to your password, an additional security code will be required to log in.”
Mozilla has selected the Time-based One-Time Password (TOTP) authentication standard as its medium. TOTP codes are generated in verification apps like Authy, Duo, Google Authenticator, or open source andOTP.
Single-use recovery codes are supported in case something happens to your phone.
2FA is highly recommended for Firefox users who rely on the browser’s built-in password manager to improve the overall security of their accounts.
What is 2FA?
One-factor authentication is your username and password. Two-factor authentication is an additional identification, your phone in this case.
It is highly unlikely that a hacker gets access to both your phone and username/password. 2FA, therefore, is a significant advantage.
Protecting Your Firefox Account Using 2FA
The process given below is similar to whatever app or platform you use. If you use andOTP, an externally linked page offers advice from its developer on setting it up.
*Note: Android’s security policy prevents taking screenshots of the andOTP app in action.
1. Enable 2FA in Firefox
Go to Options -> Firefox Account -> Manage Account -> Two-step authentication -> Enable.
Mozilla is rolling out 2FA gradually, so you may not see this option right away. No problem, just click this link in Firefox to enable it.
2. You will get a QR code to scan into your authenticator app. In andOTP click on the + icon to the bottom tight -> Scan-QR code. You will get a Security code that you must enter into Firefox. Then hit “Confirm.”
3. Yoo-hoo! You are ready. You will get confirmation that 2FA is enabled (and receive a confirmation email from Mozilla).
You will get some one-time recovery codes. You can enter each once to save you from generating new codes in your authenticator app. Keep them secured! You will get some unique recovery codes. You can enter each once to save you from generating new codes in your authenticator app. Keep them secured!
4. Any time you sign into your Firefox Account be it the same device or new device you will be prompted to give a security code after you have entered your username and password.
Simply open your authenticator app, glance at the Firefox Accounts entry, and enter the code within the allotted time. Easy!
Two-factor authentication makes your Firefox account more secure, and it doesn’t require much time to setup.