Mozilla will enforce two-factor authentication for Extension Developers
#1
Information 
Quote:
[Image: firefox-account-two-step-authentication.png]

Firefox extension developers need to set up their accounts to support two-factor authentication (2FA) in early 2020 as this is a new requirement that Mozilla has just announced.

Mozilla's reasoning behind the decision is simple: prevent that attackers manage to obtain username and password of extension developers to manipulate the extensions that are offered on Mozilla AMO.

The organization dropped its "Review first - Publish later" model in 2017 in order to deliver updates and new add-on releases faster. While extensions may get reviewed manually after the fact (after publication), there is a time gap between making it available to users and the review; this could allow malicious actors to push unwanted or malicious content to users in form of add-ons if the automated systems that are in place can be bypassed.
Quote:Starting in early 2020, extension developers will be required to have 2FA enabled on AMO. This is intended to help prevent malicious actors from taking control of legitimate add-ons and their users.

The extra layer of security that Mozilla requires from extension developers won't be required for accounts that use the upload API of AMO.

Regular users who maintain accounts on AMO are not required to enable 2FA for their accounts as well. While Mozilla does recommend setting up 2FA for all Firefox accounts, it is not a requirement at this point.

Tip: check out our guide on enabling two-factor authentication in Firefox here.

Once the requirement goes live, developers are asked to enable 2FA for their accounts when they are making changes to their add-ons.
Quote:Before this requirement goes into effect, we’ll be working closely with the Firefox Accounts team to make sure the 2FA setup and login experience on AMO is as smooth as possible. Once this requirement goes into effect, developers will be prompted to enable 2FA when making changes to their add-ons.
...
Continue Reading
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
uBOLite_2024.12.23.23
uBOLite_2024.12.23...harlan4096 — 10:29
You found a seed phrase from someone els...
Scammers have inve...harlan4096 — 09:58
Google files remedies proposal in DOJ's ...
The U.S. Departmen...harlan4096 — 09:48
PowerToys 0.87.1
PowerToys 0.87.1 ...harlan4096 — 09:46
GFYI [Official] EaseUS Christmas 2024 B...
Merry Christmas and ...zevish — 08:07

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>