Firefox will force all extension developers to enable multi-factor authentication starting early next year
Firefox browser has now proposed a new rule for extension developers: starting from next year, all extension account must enable multi-factor authentication. If the developer account is not enabled for multi-factor authentication, you cannot log in, and of course, you can no longer submit new extensions or new versions of extension programs to the Firefox browser.
Extensions are used by browsers as an add-on to a significant number of users, and some well-known extensions may also be installed by thousands of users worldwide. Under normal circumstances, when a developer releases a new version of an extension, the browser will perform an automatic update, which means that the new version will be automatically pushed to the installed user. In the past few years, the issue of the account of extension program developers has been stolen. After the account is stolen, an attacker publishes an extension that carries a malicious script to the user. In the case of automatic updates, these malicious extensions will be released to many users, and then used to steal user account passwords and even monitor users. These developers will also threaten many users after accidentally leaking their account passwords, so it is necessary to enable multi-factor authentication for developer accounts.