Review updates.

controllers/home.js

@@ -1,13 +1,14 @@
 "use strict";
 
-const sha1 = require("../sha1-utils");
+const { URL } = require("url");
+
 const HIBP = require("../hibp");
+const sha1 = require("../sha1-utils");
 
 async function home(req, res) {
 
   let featuredBreach = null;
   let scanFeaturedBreach = false;
-  let breachIsSensitive = false;
   let foundBreaches = [];
   let userAccountCompromised = false;
   let authenticatedUser = false;
@@ -18,18 +19,21 @@ async function home(req, res) {
     if (!featuredBreach) {
       return notFound(req, res);
     }
-    scanFeaturedBreach = true;
-    if (featuredBreach.IsSensitive) {
-      breachIsSensitive = true;
-    }
 
-    if (req.url.includes("utm_source=firefox") && req.session.user) {
+    scanFeaturedBreach = true;
+
+    // Checks if the user is 1.) arriving via the doorhanger and 2.) already signed in to Monitor.
+    // If so, we automatically scan their email and check the results for the breach associated with
+    // the website they were on when they clicked the doorhanger.
+
+    const url = new URL(req.url, req.app.locals.SERVER_URL);
+
+    if (req.session.user && url.searchParams.has("utm_source") && url.searchParams.get("utm_source") === "firefox") {
       authenticatedUser = true;
       const emailHash = sha1(req.session.user.email);
 
       foundBreaches = await HIBP.getBreachesForEmail(emailHash, req.app.locals.breaches, true);
       const findFeaturedBreach = foundBreaches.findIndex(breach => breach.Name === featuredBreach.Name);
-
       if (findFeaturedBreach !== -1) {
         userAccountCompromised = true;
       }
@@ -42,8 +46,10 @@ async function home(req, res) {
       });
     }
   }
-
-  if (req.session.user) {
+  // redirect signed in users to dashboard if they are not
+  // coming from the doorhanger and not attempting to reach
+  // a detailed breach page.
+  if (req.session.user && !req.query.breach) {
       return res.redirect("/scan/latest_breaches");
   }
 
@@ -51,7 +57,6 @@ async function home(req, res) {
     title: req.fluentFormat("home-title"),
     featuredBreach: featuredBreach,
     scanFeaturedBreach,
-    breachIsSensitive,
     foundBreaches,
     userAccountCompromised,
   });

hbs-helpers.js

@@ -2,6 +2,7 @@
 
 const AppConstants = require("./app-constants");
 const { LocaleUtils } = require("./locale-utils");
+const modifiedStringList = require("./modified-strings");
 const mozlog = require("./log");
 
 
@@ -21,9 +22,12 @@ function fluentFxa (supportedLocales, id, args) {
 }
 
 
-function getStringID (supportedLocales, key, number) {
-  const fluentID = `${key}${number}`;
-  return LocaleUtils.fluentFormat(supportedLocales, fluentID);
+function getStringID (supportedLocales, id, number) {
+  id = `${id}${number}`;
+  if (modifiedStringList.includes(id)) {
+    id = `fxa-${id}`;
+  }
+  return LocaleUtils.fluentFormat(supportedLocales, id);
 }
 
 

locales/en/app.ftl

@@ -57,8 +57,9 @@ user-unsubscribed-title = {-product-name} : Unsubscribed
 pwt-section-headline = Stronger Passwords = Better Protection
 pwt-section-subhead = Your private information is only as safe as your passwords.
 pwt-section-blurb =
-  Passwords protect all the personal information in your online accounts. 
-  And hackers rely on bad habits, like using the same password everywhere or using common phrases (@p@ssw0rd, anyone?) so that if they hack one account, they can hack many.
+  Your passwords protect more than your accounts. They protect every bit of personal information that resides in them. 
+  And hackers rely on bad habits, like using the same password everywhere or using common phrases (p@ssw0rd, anyone?) so 
+  that if they hack one account, they can hack many. Here’s how to better protect your accounts.
 
 pwt-headline-1 = Use a different password for every account
 pwt-summary-1 = 
@@ -67,18 +68,18 @@ pwt-summary-1 =
 
 pwt-headline-2 = Create strong, hard-to-guess passwords
 pwt-summary-2 = 
-  Short, single-word passwords are easy for hackers to guess. 
-  Use at least two words and a combination of letters, digits, and special characters.
+  Hackers use thousands of common passwords to try to guess yours. 
+  The longer and more random your password is, the harder it will be to guess.
 
 pwt-headline-3 = Treat security questions like extra passwords
 pwt-summary-3 = 
   Websites don’t check that your answers are accurate, just that they match every time. 
-  Create long, random answers, and store them somewhere safe.
+  Create long, random answers and store them somewhere safe.
 
 pwt-headline-4 = Get help remembering your passwords
 pwt-summary-4 =
-  Password managers like 1Password, LastPass, Dashlane, and Bitwarden store your passwords and fill them in to websites for you. 
-  They’ll even help you make strong passwords.
+  Password managers like 1Password, LastPass, Dashlane, and Bitwarden generate strong, unique passwords. 
+  They also store passwords securely and fill them into websites for you
 
 pwt-headline-5 = Add extra security with two-factor authentication
 pwt-summary-5 =
@@ -87,8 +88,8 @@ pwt-summary-5 =
 
 pwt-headline-6 = Sign up for {-product-name-nowrap} alerts
 pwt-summary-6 = 
-  Data breaches are on the rise. If your personal info appears in a new data breach, 
-  {-product-name} sends you an alert — so you can take action and protect your accounts. 
+  Website data breaches are on the rise. As soon as a new breach gets added to our database, 
+  {-product-name-nowrap} sends you an alert — so you can take action and protect your account.
 
 landing-headline = Your right to be safe from hackers starts here.
 landing-blurb = 
@@ -171,24 +172,25 @@ what-to-do-headline = What To Do When Your Information is Exposed in a Data Brea
 
 what-to-do-subhead-1 = Change your passwords, even for old accounts
 what-to-do-blurb-1 =
-  If you can’t log in, contact the website to ask how to update it. 
-  See an account you don’t recognize? Your data could have been sold or redistributed. This could also be an account you forgot you created or a company that changed names.
+  If you can’t log in, contact the website to ask how you can recover or shut down the account. 
+  See an account you don’t recognize? The site may have changed names or someone may have created an account for you.
 
-what-to-do-subhead-2 = Stop using the exposed password, and change it everywhere you’ve used it
+what-to-do-subhead-2 = If you reuse an exposed password, change it
 what-to-do-blurb-2 =
-  Hackers may try to that same password and your email to get into other accounts. 
-  Create a different and unique password for every account, especially for your bank account, email, and other websites where you save personal information.
+  Hackers may try to reuse your exposed password to get into other accounts. 
+  Create a different password for each website, especially for your bank account, 
+  email and other websites where you save personal information.
 
 what-to-do-subhead-3 = Take extra steps to secure your financial accounts
 what-to-do-blurb-3 = 
   Most breaches only expose emails and passwords, but some do include sensitive financial information. 
-  If your bank account or credit card numbers were exposed, alert your bank to possible fraud. 
-  Monitor statements for charges you don’t recognize.
+  If your bank account or credit card numbers were included in a breach, alert your bank to possible fraud, 
+  and monitor statements for charges you don’t recognize.
 
-what-to-do-subhead-4 = Get help remembering all your passwords and keeping them safe
+what-to-do-subhead-4 = Get help creating good passwords and keeping them safe.
 what-to-do-blurb-4 = 
-  Password managers like 1Password, LastPass, Dashlane, and Bitwarden store your passwords securely and fill them into websites for you. 
-  Use a password manager on your phone and computer so you don’t have to remember them all.
+  Password managers like 1Password, LastPass, Dashlane, and Bitwarden generate strong passwords, 
+  store them securely, and fill them into websites for you.
 
 # breach-date = the calendar date a particular data theft occurred. 
 breach-date = Breach date:
@@ -262,6 +264,7 @@ og-site-description = Find out if you’ve been part of a data breach with {-pro
 
 
 mozilla-security-blog = {-brand-Mozilla} Security Blog
+# A header for a list of links to share Firefox Monitor on various social media platforms.
 layout-social = Social
 show-all = Show all
 
@@ -271,16 +274,17 @@ fxa-landing-blurb =
   Find out what hackers already know about you,
   and learn how to stay a step ahead of them.
 
-
 fxa-scan-label = See if you’ve appeared in a data breach.
 fxa-welcome-headline = Welcome to {-product-name}.
 fxa-welcome-blurb = You’re all set to get alerts if { $userEmail } appears in a data breach.
 
 fxa-scan-another-email = Want to Check Another Email?
+# Search Firefox Monitor
 fxa-scan-submit = Search {-product-name}
 
 sign-up-to-check = Sign Up to Check
 sign-in = Sign In
+sign-out = Sign Out
 
 # All letters should be capitalized.
 full-report-headline = Your {-product-name} Report
@@ -288,11 +292,9 @@ full-report-headline = Your {-product-name} Report
 # All letters should be capitalized.
 see-full-report = See Full Report
 
-#Manage Firefox Account, link to page where account holders can change their account settings.
+# Manage Firefox Account, link to page where account holders can change their account settings.
 manage-fxa = Manage {-brand-fxa}
 
-sign-out = Sign Out
-
 fxa-download-firefox-bar-blurb = Brought to you by {-brand-name}. 2x faster. Uses 30% less memory than {-brand-Chrome}.
 fxa-download-firefox-bar-link = Download now
 fxa-download-firefox-banner-blurb = Better, faster page loading that uses less computer memory.
@@ -315,15 +317,60 @@ guest-fb-compromised-other-breaches = Your email address also appeared in { $bre
 no-breaches-found-headline = No breaches found from a basic search.
 authenticated-no-breaches-blurb = No breaches found. We’ll send you an email if your info appears in new breaches.
 user-no-breaches-blurb = No breaches found.
-guest-no-breaches-blurb = For a more in-depth search of this email address in sensitive breaches, create a {-brand-fxa}. You’ll also get alerts if you appear in new data breaches.
+guest-no-breaches-blurb = 
+  For a more in-depth search of this email address in sensitive breaches, 
+  create a {-brand-fxa}. You’ll also get alerts if you appear in new data breaches.
 
 found-breach-headline = Your account appeared in one data breach.
-guest-found-breach-blurb = This breach exposed your personal info. Sign up for a {-brand-fxa} to get your full report and alerts about new breaches.
+guest-found-breach-blurb = This breach exposed your personal info. {sign-up-with-fxa}.
 user-found-breach-blurb = This breach exposed your personal info. Take action to protect your account.
 
 many-found-breaches-headline = Your accounts appeared in { $breachCount } data breaches.
 user-many-found-breaches-blurb = These breaches exposed your personal info. Take action to protect your accounts.
-guest-many-found-breaches-blurb = These breaches exposed your personal info. Sign up for a {-brand-fxa} to get your full report and alerts about new breaches. 
+guest-many-found-breaches-blurb = These breaches exposed your personal info. {sign-up-with-fxa}. 
 
 have-an-account = Already have an account?
 
+signup-banner-sensitive-blurb = 
+  {fxa-landing-blurb} Get alerted if your account appears in new data breaches.
+
+fxa-pwt-section-blurb =
+  Passwords protect all the personal information in your online accounts. And 
+  hackers rely on bad habits, like using the same password everywhere or using 
+  common phrases (@p@ssw0rd, anyone?) so that if they hack one account, they 
+  can hack many.
+
+fxa-pwt-summary-2 =
+  Short, single-word passwords are easy for hackers to guess. 
+  Use at least two words and a combination of letters, digits, and special characters.
+
+fxa-pwt-summary-4 =
+  Password managers like 1Password, LastPass, Dashlane, and Bitwarden store your 
+  passwords and fill them in to websites for you. They’ll even help you make strong passwords.
+
+fxa-pwt-summary-6 =
+  Data breaches are on the rise. If your personal info appears in a new data breach, 
+  {-product-name} sends you an alert — so you can take action and protect your accounts. 
+
+fxa-what-to-do-blurb-1 =
+  If you can’t log in, contact the website to ask how to update it. 
+  See an account you don’t recognize? Your data could have been sold 
+  or redistributed. This could also be an account you forgot you 
+  created or a company that changed names.
+
+fxa-what-to-do-subhead-2 = Stop using the exposed password, and change it everywhere you’ve used it
+fxa-what-to-do-blurb-2 =
+  Hackers may try to that same password and your email to get into other accounts. 
+  Create a different and unique password for every account, especially for your bank account, 
+  email, and other websites where you save personal information.
+
+fxa-what-to-do-blurb-3 = 
+  Most breaches only expose emails and passwords, but some do include sensitive financial information. 
+  If your bank account or credit card numbers were exposed, alert your bank to possible fraud. 
+  Monitor statements for charges you don’t recognize.
+
+fxa-what-to-do-subhead-4 = Get help remembering all your passwords and keeping them safe
+fxa-what-to-do-blurb-4 =
+  Password managers like 1Password, LastPass, Dashlane, and Bitwarden store your 
+  passwords securely and fill them into websites for you. Use a password manager 
+  on your phone and computer so you don’t have to remember them all.

modified-strings.js

@@ -0,0 +1,22 @@
+"use strict";
+
+// List of string IDs for Password Tips & What To Do Next strings
+// that have been updated with FxA integration.
+
+// `getStringID` checks incoming string IDs against this list and
+// prepends 'fxa-' when necessary.
+
+const modifiedStrings = [
+  "pwt-summary-2",
+  "pwt-summary-4",
+  "pwt-summary-6",
+  "what-to-do-subhead-2",
+  "what-to-do-subhead-4",
+  "what-to-do-blurb-1",
+  "what-to-do-blurb-2",
+  "what-to-do-blurb-3",
+  "what-to-do-blurb-4",
+];
+
+module.exports = modifiedStrings;
+

package.json

@@ -19,7 +19,7 @@
     "express": "^4.16.2",
     "express-bearer-token": "^2.2.0",
     "express-handlebars": "^3.0.0",
-    "fluent": "^0.8.1",
+    "fluent": "^0.10.0",
     "fluent-langneg": "^0.1.0",
     "full-icu": "^1.2.1",
     "git-rev-sync": "^1.12.0",

public/css/app.css

@@ -798,7 +798,7 @@ span.breach-info {
   display: block;
 }
 
-/* FEAUTURED BREACH LISTING */
+/* FEATURED BREACH LISTING */
 
 main .breach-headline {
   font-size: 22px;

public/css/fxa.css

@@ -999,6 +999,7 @@ main .sensitive-breach-email-required {
 }
 
 main .half.featured button#sign-up,
+main .half.featured a.see-full-report-button,
 main .sensitive-breach-email-required {
   max-width: 300px;
 }
@@ -1104,7 +1105,7 @@ span.breach-info {
   display: block;
 }
 
-/* FEAUTURED BREACH LISTING */
+/* FEATURED BREACH LISTING */
 
 main .breach-headline {
   font-size: 22px;

views/partials/banners/sign_up_banner.hbs

@@ -7,11 +7,11 @@
         <div class="fourth subscribe-icon-wrapper">
           {{> sprite symID="subscribe"}}
         </div>
-        <div class="{{#unless breachIsSensitive }} half {{/unless}} {{#if breachIsSensitive }} three-fourths {{/if}}">
+        <div class="{{#if featuredBreach.IsSensitive }} three-fourths {{else}} half {{/if}}">
           <h2 class="medium secondary-title">{{{fluentFormat req.supportedLocales "signup-banner-headline"}}}</h2>
           <p class="demi">{{{fluentFormat req.supportedLocales "signup-banner-blurb"}}}</p>
         </div>
-        {{#unless breachIsSensitive}}
+        {{#unless featuredBreach.IsSensitive}}
           <div class="fourth">
             {{> sign_up_button}}
           </div>

views/partials/footer.hbs

@@ -21,8 +21,8 @@
             <ul class="fourth">
               <li>{{fluentFormat req.supportedLocales "layout-support" }}</li>
               <li><a {{> analytics/link_event eventLabel="About Firefox alerts"}} href="https://blog.mozilla.org/security/2018/11/14/when-does-firefox-alert-for-breached-sites" target="_blank" rel="noopener">{{fluentFormat req.supportedLocales "mozilla-security-blog"}}</a></li>
-              <li><a {{> analytics/link_event eventLabel="Give Feedback"}} href="https://qsurvey.mozilla.com/s3/Firefox-Monitor-Feedback" target="_blank" rel="noopener">{{{fluentFormat req.supportedLocales "give-feedback"}}}</a></li>
-              <li><a {{> analytics/link_event eventLabel="Terms & Privacy"}} href="https://www.mozilla.org/privacy/firefox-monitor/{{> analytics/utm_site_footer }}" target="_blank" rel="noopener">{{{fluentFormat req.supportedLocales "terms-and-privacy"}}}</a></li>
+              <li><a {{> analytics/link_event eventLabel="Give Feedback"}} href="https://qsurvey.mozilla.com/s3/Firefox-Monitor-Feedback" target="_blank" rel="noopener">{{fluentFormat req.supportedLocales "give-feedback"}}</a></li>
+              <li><a {{> analytics/link_event eventLabel="Terms & Privacy"}} href="https://www.mozilla.org/privacy/firefox-monitor/{{> analytics/utm_site_footer }}" target="_blank" rel="noopener">{{fluentFormat req.supportedLocales "terms-and-privacy"}}</a></li>
               <li><a {{> analytics/link_event eventLabel="GitHub"}} href="https://github.com/mozilla/blurts-server/" target="_blank" rel="noopener noreferrer">{{> sprite symID="GitHub"}}</a></li>
             </ul>
             <ul class="fourth">

views/partials/fxa_enabled/fxa_monitor.hbs

@@ -5,18 +5,22 @@
         {{#if featuredBreach }}
           {{{fluentFormat req.supportedLocales "scan-featuredbreach-label" featuredBreach=featuredBreach.Title}}}
         {{else}}
-          {{{fluentFormat req.supportedLocales "landing-headline"}}}
+          {{fluentFormat req.supportedLocales "landing-headline"}}
         {{/if}}
       </h2>
       {{#if featuredBreach }}
-        {{#if breachIsSensitive}}
-          <button class="button sign-up-button" id="sign-up">{{fluentFormat req.supportedLocales "sign-up-to-check"}}</button>
+        {{#if featuredBreach.IsSensitive}}
+          {{#if req.session.user}}
+            {{> fxa_enabled/see_full_report_button}}
+          {{else}}
+            <button class="button sign-up-button" id="sign-up">{{fluentFormat req.supportedLocales "sign-up-to-check"}}</button>
+          {{/if}}
         {{else}}
           {{> scan_form}}
         {{/if}}
       {{else}}
         <p class="landing-blurb">
-          {{{fluentFxa req.supportedLocales "landing-blurb"}}}
+          {{fluentFormat req.supportedLocales "fxa-landing-blurb"}}
         </p>
       {{/if}}
     </div>

views/partials/fxa_enabled/fxa_scan.hbs

@@ -33,8 +33,9 @@
   {{/ifCompare}}
   {{#if fullReport}}
     {{> what_to_do class="extra-margin"}}
-  {{/if}}
+  {{else}}
     {{> what_to_do}}
+  {{/if}}
   {{> scan_another_email}}
 {{/ifCompare}}
 

views/partials/fxa_enabled/fxa_sign_up_banner.hbs

@@ -5,7 +5,13 @@
         </div>
         <div class="half">
           <h2 class="medium secondary-title">{{{fluentFormat req.supportedLocales "fxa-signup-banner-headline"}}}</h2>
-          <p class="demi">{{{fluentFormat req.supportedLocales "fxa-signup-banner-blurb"}}}</p>
+          <p class="demi">
+            {{#if featuredBreach.IsSensitive}}
+              {{fluentFormat req.supportedLocales "signup-banner-sensitive-blurb"}}
+            {{else}}
+              {{fluentFormat req.supportedLocales "fxa-signup-banner-blurb"}}
+            {{/if}}
+          </p>
         </div>
         {{> fxa_enabled/sign_up_bundle class="fourth"}}
       </div>

views/partials/fxa_enabled/scan_results/result_subhead.hbs

@@ -1,10 +1,10 @@
     {{#ifCompare foundBreaches.length "===" 0}}
       {{#if req.session.user}}
         {{#if authenticatedUser}}
-          <p>{{{fluentFormat req.supportedLocales "authenticated-no-breaches-blurb"}}}</p>
+          <p>{{fluentFormat req.supportedLocales "authenticated-no-breaches-blurb"}}</p>
         {{/if}}
       {{else}}
-        <p>{{{fluentFormat req.supportedLocales "guest-no-breaches-blurb"}}}</p>
+        <p>{{fluentFormat req.supportedLocales "guest-no-breaches-blurb"}}</p>
       {{/if}}
     {{/ifCompare}}
 
@@ -12,22 +12,22 @@
       {{#if featuredBreach}}
         {{#if userAccountCompromised}}
           {{#if req.session.user}}
-            <p>{{{fluentFormat req.supportedLocales "user-fb-compromised" breachName=featuredBreach.Title}}}</p>
+            <p>{{fluentFormat req.supportedLocales "user-fb-compromised" breachName=featuredBreach.Title}}</p>
           {{else}}
-            <p>{{{fluentFormat req.supportedLocales "guest-fb-compromised" breachName=featuredBreach.Title}}}</p>
+            <p>{{fluentFormat req.supportedLocales "guest-fb-compromised" breachName=featuredBreach.Title}}</p>
           {{/if}}
         {{else}}
           {{#if req.session.user}}
-            <p>{{{fluentFormat req.supportedLocales "user-fb-other-breach-found" breachName=featuredBreach.Title}}}</p>
+            <p>{{fluentFormat req.supportedLocales "user-fb-other-breach-found" breachName=featuredBreach.Title}}</p>
           {{else}}
-            <p>{{{fluentFormat req.supportedLocales "guest-fb-other-breach-found" breachName=featuredBreach.Title}}}</p>
+            <p>{{fluentFormat req.supportedLocales "guest-fb-other-breach-found" breachName=featuredBreach.Title}}</p>
           {{/if}}
         {{/if}}
       {{else}}
         {{#if req.session.user}}
-          <p>{{{fluentFormat req.supportedLocales "user-found-breach-blurb"}}}</p>
+          <p>{{fluentFormat req.supportedLocales "user-found-breach-blurb"}}</p>
         {{else}}
-          <p>{{{fluentFormat req.supportedLocales "guest-found-breach-blurb"}}}</p>
+          <p>{{fluentFormat req.supportedLocales "guest-found-breach-blurb"}}</p>
         {{/if}}
       {{/if}}
     {{/ifCompare}}
@@ -36,26 +36,26 @@
       {{#if featuredBreach}}
         {{#if userAccountCompromised}}
           {{#if req.session.user}}
-            <p>{{{fluentFormat req.supportedLocales "user-fb-compromised-other-breaches" breachCount=(breachMath foundBreaches.length "-" 1)}}}</p>
+            <p>{{fluentFormat req.supportedLocales "user-fb-compromised-other-breaches" breachCount=(breachMath foundBreaches.length "-" 1)}}</p>
           {{else}}
-            <p>{{{fluentFormat req.supportedLocales "guest-fb-compromised-other-breaches" breachCount=(breachMath foundBreaches.length "-" 1)}}}</p>
+            <p>{{fluentFormat req.supportedLocales "guest-fb-compromised-other-breaches" breachCount=(breachMath foundBreaches.length "-" 1)}}</p>
           {{/if}}
         {{else}}
           {{#if req.session.user}}
-            <p>{{{fluentFormat req.supportedLocales "user-fb-other-breaches-found" breachName=featuredBreach.Title}}}</p>
+            <p>{{fluentFormat req.supportedLocales "user-fb-other-breaches-found" breachName=featuredBreach.Title}}</p>
           {{else}}
-            <p>{{{fluentFormat req.supportedLocales "guest-fb-other-breaches-found" breachName=featuredBreach.Title}}}</p>
+            <p>{{fluentFormat req.supportedLocales "guest-fb-other-breaches-found" breachName=featuredBreach.Title}}</p>
           {{/if}}
         {{/if}}
       {{else}}
 
         {{#if req.session.user}}
-          <p>{{{fluentFormat req.supportedLocales "user-many-found-breaches-blurb"}}}</p>
+          <p>{{fluentFormat req.supportedLocales "user-many-found-breaches-blurb"}}</p>
         {{else}}
           {{#if userAccountCompromised}}
-            <p>{{{fluentFormat req.supportedLocales "guest-compromised-blurb" breachCount=(breachMath foundBreaches.length "-" 1)}}}</p>
+            <p>{{fluentFormat req.supportedLocales "guest-compromised-blurb" breachCount=(breachMath foundBreaches.length "-" 1)}}</p>
           {{else}}
-            <p>{{{fluentFormat req.supportedLocales "guest-many-found-breaches-blurb"}}}</p>
+            <p>{{fluentFormat req.supportedLocales "guest-many-found-breaches-blurb"}}</p>
           {{/if}}
         {{/if}}
       {{/if}}

views/partials/legacy/legacy_monitor.hbs

@@ -10,7 +10,7 @@
       </h2>
       {{#if featuredBreach }}
 
-        {{#if breachIsSensitive}}
+        {{#if featuredBreach.IsSensitive}}
           {{> sign_up_button}}
           <span id="sensitive-featured-breach" class="sensitive-breach-email-required">{{fluentFormat req.supportedLocales "sensitive-breach-email-required"}}</span>
         {{else}}

views/partials/password_tips.hbs

@@ -3,7 +3,7 @@
     <section id="password-advice" class="whole">
       <h3 class="section-headline">{{fluentFormat req.supportedLocales "pwt-section-headline"}}</h3>
       <h4 class="section-sub-head">{{fluentFormat req.supportedLocales "pwt-section-subhead"}}</h4>
-      <p>{{fluentFormat req.supportedLocales "pwt-section-blurb"}}</p>
+      <p>{{fluentFxa req.supportedLocales "pwt-section-blurb"}}</p>
     </section>
 
     {{#loop 1 6 1}}