By Manil in conversing

Use Firefox Containers for visual signals that a login URL is ok

I was almost phished for my Bitwarden credentials, so I made being vigilant easier.

I was almost phished, using search engine results, for my Bitwarden credentials.

Now, I never use search engines for regular logins-saved URLs only. But I open too many URLs to be confident of constant vigilance (hark, Mad-Eye), so I made being vigilant easier.

Interesting that when I reported to Bitwarden, the resolution was assigned to Marketing. I suppose that's an SEO function.
Update, 2023.02.22: seems a recurring, if not regular, occurrence for Bitwarden users 🧐

Firefox Multi-Account Containers (code) is not only useful as a tool for privacy, the browser extension can do double-duty as a defence against phishing.

It's simple af to set up. Here's how.

How it works

These 3 features, combined, allow Firefox Multi-Account Containers to warn you if you might be on the wrong URL:

A. Containers can be assigned colours of your choice. When a tab is opened in a Container, the top edge of the tab is coloured using what you assigned.

Screenshot of colour options for a Container.

B. Specific URLs can be made to always automatically open in a Container of your choice.

Screenshot of option to auto open in a Container.

C. A Container can be limited to only allowing those whitelisted URLs to be opened within it.

Screenshot of toggle to limit Containers to designated URLs.

Setup

  1. Open the known legitimate URL in Firefox,
  2. Set that URL to always open in a Container of your choice (How it works, B),
  3. Limit the chosen Container to only contain whitelisted URLs (How it works, C),
  4. Choose an expected colour for the tabs when that specific Container is opened (How it works, A). Green is common language for okay :)

Use

When a tab's colour matches the colour assigned to the Container in which that URL should be displayed, you can be confident the URL opened matches the known good URL.

Screenshot of Bitwarden Web Vault opening in a preset, green coloured tab.
The known Bitwarden URL should always open in the green Container.

Because whitelisting needs you to specifically choose URLs, it won't help with general browsing. This behavioural defense method is best used for high-value URLs that you visit regularly, like banking and email.

🐭