Mozilla Persona: Browser-side Authentication System

Mozilla had announced the beta version of its long running web-scale identity system, Persona (formerly code-named BrowserID), which is aimed at entrenching privacy and secured web experience by utilizing authentication through existent email as against actual username and password.

Mozilla Persona differs from other authentication systems like OpenID in that it uses email address as identifier and fully integrated into the browser.

Persona takes precedence from the Verified Email Protocol system, which involves only the browser and compliant website.  It relies on public key cryptography on the browser-side without invoking the identity provider in the actual authentication process.

However, users will need create and verify an account on by defining a password and adding one or more email addresses to their account. Thereafter, "Persona Authentication" would only take a two click process for already logged in users, while those not already logged in will need to enter their Persona details in the process.

Persona is built to naturally eliminate users tracking, which provides rest of mind for privacy conscious users, and at the same time ensuring secured access.

On the contrary, if users disclose their Persona details it can be used against them and to access all connected services. Mozilla, however, have iterated its plan to introduce two-factor authentication in later versions to beef-up security.

Developers have been called upon to contribute to the open source project. Whilst, Mozilla have promptly made available an extensive tutorial on What is Persona and How it Works.
Next Post »