While Mozilla VPN has regular software updates, end-to-end encryption, and mandatory passwords, the VPN logs more customer information than necessary such as a user’s location information and IP address. Additionally, users can’t add advanced authentication to their accounts to prevent unauthorized access, making the accounts themselves more susceptible to card cracking and hacking.
Encryption
In Transit |
Yes |
At rest? |
Yes |
All network communications and capabilities? |
Yes |
Security Updates
Automatic, regular software/ firmware updates? |
Yes |
Product available to use during updates? |
Yes |
Passwords
Mandatory password? |
Yes |
Two-Factor authentication? |
No |
Multi-Factor authentication? |
No |
Vulnerability Management
Privacy Policy
Link |
https://www.mozilla.org/en-US/privacy/mozilla-vpn/ |
Specific to device? |
No |
Readable? |
Yes |
What data they log |
Account information, location information, IP address, interaction data, technical data (what version is installed, operating system) |
What data they don’t log |
Network activity |
Can you delete your data? |
Yes |
Third-party sharing policies |
Yes, shares internet traffic with Mullvad, payment info with Stripe |
Surveillance
Log camera device/ app footage |
n/a |
Log microphone device/ app |
n/a |
Location tracking device/ app |
Yes |
Parental Controls
Are there parental controls? |
No |
Company History
Any security breaches/ surveillance issues in past? |
No |
Did they do anything to fix it? |
n/a |
Additional Security Features
Anything like privacy shutters, privacy zones, etc.? |
n/a |