Home of the Mozilla Identity team
We were very happy to see the revamped “Log In with Google Plus” product from our friends across town: big improvements in user experience, great mobile integration, and clearer privacy controls. Still, we think Identity on the Web can be better: easier for developers, true choice and control for users.
In particular, we think login should be personal and minimal first, social later. We’re not the only ones who think so, as TechCrunch reported:
Some people don’t have Facebook or Twitter accounts. Others have deleted them to live a more “real” existence. Then there are those with social accounts, but who don’t want to give their most private data to just any developer. Their biographical info, location, interests, and the ability to post things to their friends are not things they want to give away without some vetting.
Rockmelt co-founder and CEO Vishria tells me his company learned a big lesson […]: “because of privacy implications, people want to try an app with email and then add social later if they like it.” I call this “try before you pry,” and Vishria explains “there’s a certain level of trust that builds over time.”
That’s why a login with Mozilla Persona delivers only the user’s preferred identity to the site.
We also noticed that users dislike the NASCAR-style plastering of branded login buttons. If the user recognizes none, she’s forced to use a new identity provider. If the user recognizes one, the others are distracting. If the user recognizes more than one, she’ll likely forget which one she used the first time, click another one the second time, fail to retrieve her data at the web site in question, groan, and start again.
We can do better. The user should see only options relevant to her!
With Persona, the user chooses any email address she wishes. Only the user’s own email addresses are ever displayed. When returning to a site, the last-used address is even pre-selected.
When logging in with Google Plus, users choose how much to reveal to their friends. However, users still cannot choose how much to reveal to Google: Google learns every user’s login at every site. It’s as if a hotel receptionist called up the Department of Motor Vehicles to inform them of your checkin because you provided a driver’s license as identification. A bit jarring, in our opinion.
We built the Persona protocol to reduce data sharing to the minimum needed for the user to easily log in: the browser mediates the login without leaking data to the identity provider. In the end, Persona is the easy login solution that respects users.
As always, we welcome your questions and comments on our mailing list, or via the #MozillaPersona hash-tag on Twitter.