cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Anonymous
Not applicable
Status: New idea

Two-step authentication in Firefox Accounts is cumbersome; can't they implement biometric authentication?

9 Comments
Status changed to: New idea
Jon
Community Manager
Community Manager

Thanks for submitting an idea to the Mozilla Connect community! Your idea is now open to votes (aka kudos) and comments.

AbhayDash
New member

It would be of a great ease and more secure if Mozilla adds the biometric authenrication to view saved logins in Firefox and same feature while auto filling the username, so that the password is kept secure. The biometric authentication data is to be taken from the Windows Biometic Authentication called as Windows Hello just like the web browser Microsoft Edge do.

Serg
Employee
Employee

Biometrics can be used to quickly verify user is still the one that owns the OS user account. But I doubt it can be used to replace 2FA completely. When user signs in on a new device, that device biometrics is not yet confirmed or linked to user's encryption keys.

Also, biometrics has a problem with breaches. Imagine somehow your biometric fingerprint is stolen. How would you change your "password"? Replacing faces and fingers are not cheap 🙂

We are looking forward to add more biometrics uses when accessing sensitive data (passwords, credit cards, etc.). Stay tuned!

finn
New member

Add biometric authentication (TouchID/Windows Hello) before passsword use

I know this has been suggested a couple other times, but I really do think that they should add this.

Status changed to: New idea
Jon
Community Manager
Community Manager

(Note: a similar idea has been merged into this thread)

1LUC1D4710N
New member

Why even adding biometric authentication when they don't support us for exhausted Two-step authentication?

I mean, if you lost all details for the account for Two-step authentication, there are sure not going to help only suggest to create another Firefox account, meaning you have to create useless email. I mean, all other service providers they support disabling 2FA, so you can recover the it again.

Nah ah for Mozilla, might as well stay away from 2FA from Mozilla. They don't support anything.

Here there own quote:

"I lost my two-step authentication device, can’t find recovery codes and don’t have a logged-in device. Can I request to delete my Firefox Account?

In this case, it is currently not possible to delete your Firefox Account, since we don't have a way to verify your identity and ownership of that account. We recommend creating a new Firefox Account to use Firefox Sync and other services that require a Firefox Account.".


Been complaining for year for that, and I can't even make any threads on "support.mozilla.org". Admin blocked it because they got tired of the messages. Might happen here too.

Moznaut
Strollin' around

Regarding the comment above about losing your biometrics, I would be fine with biometrics as a complimentary option so that both are available but offers quicker access.

With passkeys available now, has any thought been giving to this? It also reduces phishing attacks as passkeys are associated solely with the originating website.

Anonymous
Not applicable

Isn't Howdy secure?

flipback
New member

Safari and Google Chrome already allow you to log in to websites using biometrics. Firefox is late to the party. Security is just an illusion, but at the very least, biometrics provide a more convenient way to log in to websites. Who wants to continue using those recommended 15-character-long passwords with special characters, which you end up storing in LastPass, 1Password, etc., only to have them breached and compromise your entire catalog of passwords?