Where did you install Firefox from? Help Mozilla uncover 3rd party websites that offer problematic Firefox installation by taking part in our campaign. There will be swag, and you'll be featured in our blog if you manage to report at least 10 valid reports!

Avatar for Username

搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

Learn More

话题已存档。 如果需要帮助请提出新问题。

Log-in switching to another device?

  • 5 个回答
  • 3 人有此问题
  • 1 次查看
  • 最后回复者为 hellmight

hellmight
hellmight
more options

Today I noticed something strange on my phone. I opened up my FF browser and noticed a small warning icon on the bottom right. It said, my sync was not logged in and I had to enter my password and 2FA code. After entering these - which I have done quite some time ago already, I immediately got the mail telling me about the new log-in on my account. I mean, I know that it was me, I just logged in. But it got me suspicious because my mobile should already be logged in! So I followed the 'manage devices' link to check the list of my logged-in devices. What I have found is disturbing me. My device was now two times in that list: One saying 'this device' and one stating it is located in another country (USA), last seen a couple of hours ago. I'm from Europe and I certainly have never been in the USA! Of course I removed access immediately!

Is this possibly a bug or even a security breach, that an attacker can 'transfer' a log-in token to another device without any notification? It seems like my mobile's token was removed and so I had to re-log in here. And yes, I use unique passwords with a password manager and 2FA. The only notification I ever saw on this was that my mobile no longer was logged into my sync account!

Today I noticed something strange on my phone. I opened up my FF browser and noticed a small warning icon on the bottom right. It said, my sync was not logged in and I had to enter my password and 2FA code. After entering these - which I have done quite some time ago already, I immediately got the mail telling me about the new log-in on my account. I mean, I know that it was me, I just logged in. But it got me suspicious because my mobile should already be logged in! So I followed the 'manage devices' link to check the list of my logged-in devices. What I have found is disturbing me. My device was now two times in that list: One saying 'this device' and one stating it is located in another country (USA), last seen a couple of hours ago. I'm from Europe and I certainly have never been in the USA! Of course I removed access immediately! Is this possibly a bug or even a security breach, that an attacker can 'transfer' a log-in token to another device without any notification? It seems like my mobile's token was removed and so I had to re-log in here. And yes, I use unique passwords with a password manager and 2FA. The only notification I ever saw on this was that my mobile no longer was logged into my sync account!

所有回复 (5)

jonwillcode
jonwillcode
more options

Do you use a VPN on your device? That could explain why Mozilla believed you were in a different country.

hellmight
hellmight 提问者
more options

No, I don't. I do use cloudflare (1.1.1.1) but that is not an actual VPN, merely a dns service.

hellmight
hellmight 提问者
more options

No, I do not. I use Cloudflare (1.1.1.1) but it is not a true VPN, just a dns service.

Paul
Paul
  • Moderator
  • Top 10 Contributor
more options

Hi

I believe that the Cloudflare server is in the US, which could explain what you are seeing.

hellmight
hellmight 提问者
more options

As far as I am aware, Cloudflare does not mask anything. It serves as a DNS Service which does nothing but translate a dns request into an ip-address.

But even if your suggestion was the reason for why my approximate location is so far off, there is still a question that is not answered: Why was my device logged off? Repeatedly.

I just had the same log-off thing re-occure, and a few days ago too. For some strange reason, my latest confirmation mail said that I was logging in from Seattle. (I use Cloudflare for quite some time now, long before this has started.)