After more than a decade, Firefox finally brings peace to the users annoyed with fake “authentication required” prompts. With Firefox 68, Mozilla decides to put an end on the troublesome login prompts by scam websites.
Blocking Scam “Authentication Required” Prompts
Reportedly Mozilla’s upcoming Firefox 68 will end up the annoying “authentication required” prompts barraged upon users by scam websites. Mozilla allegedly addressed this problem 12 years after its first report.
As stated by Johann Hofmann, a Firefox engineer, in the bug report, Firefox 68 will block spammy login prompts by websites.
“For compat reasons, we made the patch in bug 377496 to be a “safe” version of the auth dialog abuse protections, which is still somewhat annoying to users that encounter evil websites.”
To fix the problem, Mozilla tightened the restrictions in two ways. First, it blocks the login attempts from the top-level frame, including the site’s main domain. Secondly, it limits the permitted number of cancellations to 2 only.
Login Prompt Annoyed Users For Quite Long
According to a previous bug report, scam websites tend to trouble users by repeated login prompts. This makes the users lose control of the browser, making them unable to switch tabs or close the window.
“A page with many embedded images that require authentication causes the ‘Authentication Required’ dialogue to be shown over and over again.”
Consequently, this seemed to cause a denial of service state on the target device.
This problem not only targeted Firefox users but also affected Chrome users. However, Firefox users faced more of such incidents, particularly from the tech support scam websites. Mozilla attempted to fix the bug earlier. But it didn’t successfully fix the problem as it applied block at the sub-resource level.
However, Firefox 68 will eventually end up this problem for good as Mozilla has released the patch with the current Nightly release, whereas it will arrive in the stable version coming in July 2019.
Recently, Google also patched the old evil cursor bug in Chrome browser – many tech support scammers actively exploited this bug to target Chrome users.
Let us know your thoughts in the comments section.
Latest posts by Abeerah Hashim (see all)
- Largest Hacking Campaign Since 2015 Targeted Magento Stores Via Unpatched Bug - September 16, 2020
- Ransomware Attack Targets Equinix Data Center Provider - September 16, 2020
- Raccoon Attack Aims At Breaking TLS Encryption – Though Attack Is ‘Rare’ - September 16, 2020