Hassle-free Website Authentication with Mozilla’s Persona
The recently released second Beta of Mozilla’s Persona web-login technology introduced a new Identity Bridging feature that enables users to login to websites with no credentials other than their email address.
While the first beta of Persona required that users register an email address with a Persona Identity Provider server (IdP), the new beta removes the need for first authenticating the email address with the IdP server.
“The goal of Persona is simple: we want to eliminate passwords on the Web,” said Ben Adida, Mozilla’s director of identity. “In particular, we’ve made it easy for users with existing Web accounts to log in without creating a new account or password. This brings secure login within two clicks for hundreds of millions of users worldwide, regardless of whether they’re on a desktop, tablet, or mobile phone.”
With OpenID or OAuth website authentication already implemented by large email providers, the new Identify Bridging feature in Persona bridges the gap between protocols by using its own server to mitigate the process.
Websites need to adhere to the new Persona authentication systems for users to enjoy the hassle-free authentication and Mozilla already has deployed the technology on several partners. Although it only supports Yahoo email addresses, the goal is to extend the service to accept any email address.
“We’ve recently seen a few notable sites implement Persona, including: Born This Way Foundation, Firebase and the Eclipse Foundation,” said Adida. “These deployments highlight Persona’s simple implementation, ease of use, user-safety, and the fact that, because Persona is built by a non-profit, users – and only users – own and control their identity.”
Besides performance improvements that halve the loading time of Persona, Firefox OS integration was also included. Website developers interested in reading more on how Persona could be implemented into their website, can read a full documentation here.