Identity at Mozilla

Home of the Mozilla Identity team

  1. Transitioning Persona to Community Ownership

    Mar 7, 2014 — by callahad

    Update: Further discussion on Hacker News. Also, our "After Action Review" (AAR) summarizes the lessons learned by Persona.

    Persona is living proof that federated authentication on the Web can be more safe, usable, and private. With that framework in place, Mozilla has reallocated Persona’s full-time developers to other projects, entrusting Persona’s ongoing development to its community.

    There are no plans to decommission Persona. If it fits your needs, please use it. We will support you.

    Specifically, Mozilla staff will continue to resolve critical bugs, service disruptions, and security issues. Moreover, Mozilla’s new network operations center will handle tier 1 incident response for Persona. The center’s robust, human-backed, 24/7 monitoring will further increase Persona’s reliability and improve incident response times.

    Basically, if Persona works for you now, great! If you’re holding out for new features, we in the Persona community would love to review pull requests, chat on IRC, or respond to mailing list discussions.

    Below, you’ll find answers to frequently asked questions regarding this transition. If yours isn’t addressed, please reach out to us.

    Frequently Asked Questions

    What’s happening to the Persona team?

    The Mozilla staff from the Identity team are already working on Cloud Services projects including Firefox accounts and Sync. Persona’s community has stepped up to lead Persona’s development. This includes both long-term volunteers and former paid contributors, all of whom deeply believe in Persona’s unique vision for decentralized authentication.

    Why has Mozilla stopped funding new feature development on Persona?

    Persona received less adoption than we were hoping for by this point. A summary of the lessons learned is available in Persona’s “After Action Review” (AAR).

    Nevertheless, we do still believe that Persona offers a unique and useful alternative to passwords, and we intend to support it as such. Reducing the scope of Persona and stabilizing its core APIs over the last quarter has shown us that adding more features was not the way forward.

    Meanwhile, Firefox and Firefox OS need a suite of integrated services (Sync, Marketplace, Find My Device) backed by a common account system (a “Firefox Account”). We believe that these needs are more time sensitive, and thus higher priority, than Persona.

    Why don’t Firefox Accounts use Persona?

    Each project addresses very different needs. Persona is designed to be a dead simple email verification tool, while Firefox Accounts is a full-fledged, persistent account system. By developing them separately, we’re able to keep each project lean and focused on its own use cases.

    For instance, it’s possible that Firefox Accounts will use Persona for email verification in the future.

    Where possible, Firefox Accounts and Persona share infrastructure, protocols, data formats, and both server-side and client-side JavaScript libraries. Work on this common foundation benefits both projects.

    Will Mozilla continue to host Persona?

    Absolutely. Persona is a critical part of Mozilla’s own infrastructure, and we have no plans to decommission it. Even in maintenance mode, we understand the importance of authentication and are committed to responsible stewardship of Persona. Should we ever consider decommissioning it, we will provide ample notice and a long deprecation window. This will absolutely not happen in 2014.

    How can I help?

    Persona is open source! We’re currently working on putting together documentation for new contributors — look for another post here in a week or two — but until then, we’d love to see you on GitHub, our IRC channel, or our mailing list.

  2. Persona makes signing in easy for Gmail users

    Aug 8, 2013 — by callahad

    Mozilla Persona is a way to sign into websites that works with any email address.

    Today, we’re happy to announce a new Persona Identity Bridge for Gmail users. This means that every Gmail user can now sign into Persona-powered websites with just a few clicks using their existing account credentials. No new password required. Check it out:

    Combined with our Identity Bridge for Yahoo, Persona now natively supports more than 700,000,000 active email users. That covers roughly 60-80% of people on most North American websites.

    The Gmail bridge is available now, and all Persona-enabled sites will automatically use it. You can try it right now by signing into Webmaker.

    Persona remains committed to privacy: Gmail users can sign into sites with Persona, but Google can’t track which sites they sign into.

    If you run a website, now is an excellent time to start using Persona. Your users are ready; what are you waiting for?

  3. What is an Identity Bridge?

    Jul 26, 2013 — by callahad

    Last April we announced Identity Bridging in Persona, so… what is Identity Bridging?

    Persona is designed to allow you to use your existing email address to log into any website that supports Persona. If your email provider doesn’t support Persona, Mozilla will step in and vouch for you, so long as you can verify your email address.

    Traditionally, this verification was just like any other system: Mozilla would send you an email and ask you to click on the confirmation link it contained.

    With Identity Bridging, Persona learned a new trick; instead of sending confirmation emails, Persona can ask you to verify your identity via your email provider’s existing OpenID or OAuth gateway.

    This makes Persona a near-seamless experience for hundreds of millions of users worldwide, and site owners don’t have to change a thing to take advantage of current or future bridges; it’s all automatic.

    What’s more, users still experience all of the same privacy-protecting and anti-tracking benefits of Persona.

    We launched Identity Bridging with support for Yahoo Mail.

    We can’t wait to show you what’s next.

  4. Contributor Spotlight: Dirkjan Ochtman

    Jul 25, 2013 — by callahad

    Over the past year, Dirkjan Ochtman has been a consistent, constructive voice in the Persona community. His involvement has helped ensure that we stay true to Mozilla’s mission of open, transparent, and participatory innovation.

    More impressively, Persona’s new backgroundColor feature is the direct result of Dirkjan’s efforts.

    We hope this interview highlights his contributions and inspires others to get involved.

    From the rest of us at Mozilla, thank you.


    Who are you?

    I’m Dirkjan Ochtman, a 30-year-old software developer living in Amsterdam. I work for a financial startup by day; in my free time, I contribute to a bunch of open source projects, like Mercurial, Python, Gentoo Linux and Apache CouchDB. I also started a few things of my own.

    Have you contributed to Mozilla projects in the past? How did you get involved in Persona?

    I started using Firefox almost ten years ago, and I’d been watching Mozilla before that. The Mozilla mission of an open Internet resonates with me, so I tend to try and find stuff around the edges of the project where I can help. This year, I also became a Mozilla Rep.

    I find BrowserID/Persona compelling because I hate having to register on different sites and make up passwords that fit (often inane) security requirements. And you just know that many sites store passwords insecurely, leaking sensitive information when they get hacked. Persona allows me to authenticate with my email address and a single password; no more guessing which username I used. I trust Mozilla’s password storage to be much more secure than the average Internet site, and because Persona is open source, I can verify that it is.

    In addition to setting up Persona sign in on a small community site I run, I’ve also implemented my own Python-based Identity Provider. This means that when I use Persona, I control my own login experience. My Identity Provider uses Google Authenticator, so now I don’t have to remember any passwords at all.

    The documentation for building an Identity Provider was scattered and incomplete, so I helped improve that. From that work, I got to know some of the great people who work on Identity at Mozilla.

    What have you hacked on recently?

    There has been a long-standing issue that the Persona dialog contained too much Mozilla branding and did not sufficiently emphasize the individual websites that users were signing into. There was an issue about this on GitHub, but I seem to remember complaints on the mailing list from even longer ago.

    Of course, I prefer to use Persona over Facebook Connect or Twitter, so I decided to see if I could fix some of these issues. Luckily one of the Persona developers, Shane Tomlinson, was available to work on this at roughly the same time.

    To improve the branding balance, we first de-emphasized the Persona branding. I focused on allowing websites to specify a background color for the Persona dialog. This is important because it can make the dialog feel much more “at home” on a site. We had to work out some tricks to ensure that text stayed readable regardless of the background color specified.

    What was that experience like?

    It was great. I had no previous experience with Node.js, but getting the application up and running was easy. I got basic backgroundColor support working in a few hours, but it took a few nights to tweak things and write tests. Fortunately, Shane is also based in Europe, so we could easily work together. When Shane showed our work on the mailing list, response from the other developers was very positive.

    It would be really great if this helps drive Persona adoption amongst large websites.

    Any plans for future contributions?

    I’ll probably stay involved for the foreseeable future. Now that I know what I’m doing with the dialog, I would like to help out with further improvements to the login flow and website API. I’m also very interested in stabilization and/or standardization of the Identity Provider API.

  5. Persona: A login that matches your site

    Jul 18, 2013 — by callahad

    The next time you use Persona, it might look a little different. In response to user feedback, we’ve reduced the prominence of the Mozilla brand in the login dialog and completely eliminated the big “Persona” header. This keeps the focus on individual sites, rather than the mechanism powering login.

    With Persona, your site is at the forefront:

    image

    The dialog is also becoming more customizable. In addition to a siteName and siteLogo, websites can now set a backgroundColor so that the Persona dialog matches their site’s design.

    For example, to get a bright blue dialog, a site can simply call:

        navigator.id.request({backgroundColor: '#24ccff'});

    image
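
    A site-supplied color ends up styled into a login dialog that users are meant to trust, so the value has to be treated as untrusted input and the text has to stay readable on top of it. The sketch below is an added example, not Persona's own code: the function names are hypothetical, and it assumes only #rgb / #rrggbb hex values are accepted and that text is switched between black and white by WCAG contrast ratio.

```javascript
// Added example (not Persona's implementation): validate a site-supplied
// backgroundColor and choose a text color that stays readable on it.

// Strict allowlist: "#rgb" or "#rrggbb" only. Named colors, url(...),
// or anything carrying extra CSS is rejected outright.
const HEX_COLOR = /^#([0-9a-f]{3}|[0-9a-f]{6})$/i;

function parseHexColor(value) {
  if (typeof value !== 'string') return null;
  const m = HEX_COLOR.exec(value);
  if (!m) return null;
  let hex = m[1].toLowerCase();
  if (hex.length === 3) {
    // Expand shorthand: "036" -> "003366"
    hex = hex.split('').map((c) => c + c).join('');
  }
  return {
    r: parseInt(hex.slice(0, 2), 16),
    g: parseInt(hex.slice(2, 4), 16),
    b: parseInt(hex.slice(4, 6), 16),
    css: '#' + hex, // normalized form, safe to place in a style rule
  };
}

// WCAG 2.x relative luminance of an sRGB color (0 = black, 1 = white).
function relativeLuminance({ r, g, b }) {
  const lin = (c) => {
    const s = c / 255;
    return s <= 0.03928 ? s / 12.92 : Math.pow((s + 0.055) / 1.055, 2.4);
  };
  return 0.2126 * lin(r) + 0.7152 * lin(g) + 0.0722 * lin(b);
}

// WCAG contrast ratio between two luminances (ranges from 1 to 21).
function contrastRatio(l1, l2) {
  const hi = Math.max(l1, l2);
  const lo = Math.min(l1, l2);
  return (hi + 0.05) / (lo + 0.05);
}

// Returns the colors the dialog should actually use. An invalid request
// falls back to a default background instead of being passed through.
function dialogColors(requested, fallback = '#ffffff') {
  const parsed = parseHexColor(requested);
  const bg = parsed || parseHexColor(fallback);
  const lum = relativeLuminance(bg);
  const withWhite = contrastRatio(lum, 1); // white text
  const withBlack = contrastRatio(lum, 0); // black text
  return {
    accepted: parsed !== null,
    background: bg.css,
    text: withBlack >= withWhite ? '#000000' : '#ffffff',
    contrast: Math.max(withWhite, withBlack),
  };
}

// Constructed sample inputs: the color from the post, a dark shorthand
// color, and a value that tries to carry extra CSS.
for (const input of ['#24ccff', '#036', 'red;} body{display:none']) {
  console.log(JSON.stringify(input), dialogColors(input));
}
```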

    We owe this feature to the efforts of Dirkjan Ochtman, a Mozilla community member and open source software contributor. Next week, we’ll publish a brief interview with Dirkjan highlighting his contributions.

    If you’d like to get involved, you can find the Persona team in #identity on irc.mozilla.org or on the dev-identity mailing list. Our code is open source and available on GitHub.

  6. Persona and Surveillance

    Jun 11, 2013 — by benadida

    Over the last few days, news reports indicate that US government agencies are involved in broad surveillance of phone and Internet traffic. The exact extent of this surveillance is not fully understood. The Mozilla Identity Team joins the rest of Mozilla in calling for a thorough investigation of these surveillance activities. We also join security professionals like Bruce Schneier in highlighting the importance of transparency of surveillance activities:

    Knowing how the government spies on us is important. Not only because so much of it is illegal — or, to be as charitable as possible, based on novel interpretations of the law — but because we have a right to know.

    So, with that said, let’s talk about Mozilla Persona in this context, and more broadly about Mozilla-provided user services. Mozilla stores some user data to provide these services. As per our privacy policy, we store only what we must to provide the features we build and validate with users and developers. Mozilla’s Manifesto clearly shows how we focus on user sovereignty, whether we’re discussing Firefox or Persona.

    Some have called on us to move Persona servers outside the US to escape the now-revealed surveillance activity. We don’t think that would help, and even if it did a bit, we think we can be much more productive by focusing on other areas. First, it’s not clear to us that other governments have any less intrusive surveillance activities. Second, as a US company, Mozilla is subject to US Laws, wherever we host our servers. Third, we’d rather not engage in an arms-race with US government agencies. We’d rather focus on efforts to change the Law to respect user data wherever it lives.

    It’s also worth pointing out that we do take certain technical measures to limit the data we collect. We’ve designed Persona so that the identity provider – including the fallback Identity Provider that we run – does not learn your browsing history. We consider that a good security practice, not specifically because of surveillance, but generally because collecting data without a user benefit just creates risk.

    Mozilla will always do its utmost to serve and protect users, with a combination of technology and policy. We want to make sure the Law helps us do that. Help us by signing the petition.

  7. New Persona Beta: Millions of Users Ready to Log In using Any Browser

    Apr 9, 2013 — by benadida

    Persona, Mozilla’s easy and safe way to log into your favorite websites, using any modern browser, is now in Beta 2. The goal of Persona is simple: we want to eliminate passwords on the Web. This release, packed with performance improvements and new features, brings us another big step closer to that goal. In particular, we’ve made it easy for users with existing Web accounts to log in without creating a new account or password. This brings secure login within two clicks for hundreds of millions of users worldwide, regardless of whether they’re on a desktop, tablet, or mobile phone.

    We’ve recently seen a few notable sites implement Persona, including: Born This Way Foundation, Firebase and the Orion Project. These deployments highlight Persona’s simple implementation, ease of use, user-safety, and the fact that, because Persona is built by a non-profit, users – and only users – own and control their identity. Let’s show you Persona Beta 2 in action:

     

    Identity Bridging

    The most important feature of Persona Beta 2 is Identity Bridging, where users can log into Persona-supporting web sites with their existing accounts. We’re starting with yahoo.com. Try it now on our sample site 123done.org: click “Sign in”, enter your yahoo.com email address, and go!

    Websites that use Persona benefit from this improvement immediately: hundreds of millions of Web users are now ready to log in with just a few clicks. Users have complete choice and a simple flow: click one login button and select your preferred email address. Identity Bridging kicks in dynamically based on the user’s chosen email address.

    The technical details behind Identity Bridging are described on the Mozilla Hacks blog. You can also read a detailed Q&A with Lead Engineer Lloyd Hilaiel.

    More Improvements

    Twice as Fast. We know performance is important to every site, so we made our button and popup load twice as fast. We’re working on more improvements as we go.

    Use your Existing Accounts. We’ve bridged yahoo.com, but of course we built an open system: any domain can now become a Persona Identity Provider so users can reuse their existing accounts on any site that uses Persona.

    Built Into Firefox OS. We built in support for Firefox OS and made Persona much faster on all mobile devices. This gives Firefox OS apps an even better experience when using Persona.

    Adoption

    Our adopters make us blush with the nice things they have to say about Persona.

    Tara Tiger Brown of Born This Way Foundation commented: “Our mission at Born This Way Foundation is to promote a kinder, braver world where youth feel empowered to be themselves in a safe and supportive environment. In order to support our mission, we must keep our Born Brave Nation members’ identities and information safe. Mozilla Persona is a single sign-on online identity system that respects user privacy, very user friendly and simple to set up and maintain.”

    Anant Narayanan of Firebase, makers of a scalable real-time backend that lets developers build apps fast without the hassle of managing servers, said “We added support for Persona as one of the authentication mechanisms for our Simple Login service, and we are very pleased with the result! The distributed nature of Persona and its elegant API makes it the ideal candidate for the types of apps we want people to build with Firebase.”

    Ting, Tucows’s mobile phone service that makes sense, implemented Persona and said “The fact that user privacy is one of the foundations on which Persona is built means it’s the first single sign-in solution that we feel is worthy of recommendation and of implementation.”

    Barry Warsaw, who runs the omnipresent GNU Mailman mailing list manager, added “GNU Mailman 3 chose Persona as our primary authentication mechanism because its email-based login system is a perfect fit for our mailing list software. All we need to identify a person is confirmation that they own their subscription address, and integrating Persona made that verification easy. Ideally, we’d like to do away with passwords altogether, and with Persona, this is now possible.”

    Simon Kaegi of the Orion Project added “Persona is the simplest means of high quality authentication I’m aware of. In our UX review, Persona was clearly superior to OpenID.”

    Discourse, the company rebooting online discussion forums, added Persona support to its codebase and enabled it on its own discussion site, adding “It has a very slick user experience, so we hope people try it out.”

    Julius Schorzman of DailyCred, the instant CRM package for any web site, implemented Persona and remarked “We’ve seen from our internal metrics that more than 70% of users still prefer email and password authentication over social log-in like Facebook. Implementing Persona is actually easier than Facebook Connect, or any OAuth implementation we’ve seen.”

    Acros Security, the third-party reviewers we brought in to audit Persona, told us “We’re quite impressed with the level of security [of Persona] and, although paranoid by design, we will be able to trust it with our own online identities.”

    Your Turn

    We’re building Persona in the same way we do everything at Mozilla: in the open, with your help and contributions. Now it’s your turn. Deploy Persona on your web site. Turn your domain into a Persona Identity Provider. Tell us what you need to make Persona even better. Want to fix it yourself? Send us a patch.

    Together, in the open, we will continue to build a login system that is better: Better for users, better for web sites, and better for the Web.

    UPDATE: We mistakenly attributed a quotation to the Eclipse Foundation’s Ian Skerrett. It should have been attributed to the Orion Project’s Simon Kaegi. The text above shows the correction.

  8. Persona on Firefox OS phones

    Apr 4, 2013 — by benadida

    You’ve probably heard about Firefox OS, Mozilla’s major effort to create a free mobile phone ecosystem using HTML5 as the one platform you need to develop rich mobile apps. You can expect Firefox OS phones in stores in South America later this year.

    What you may not yet know is that we built Persona into Firefox OS. When invoked on Firefox OS, Persona presents a natively-optimized, trusted interface for logging into your favorite app or web site, including the Firefox Marketplace. If you use Persona, you don’t need to change a thing. You’ll get the native interface automatically on Firefox OS devices. That’s the beauty of the JavaScript shim approach we took: it works on all browsers, and it automatically improves on devices that support the Persona API natively.

    we don’t need another silo

    We could have done what every other company does: simply build Firefox OS accounts optimized for our operating system, focused purely on Mozilla. But that’s not how we do things. Our mission is to give users sovereignty over their Internet experience, to help and defend the Open Web. So we built Persona, an Identity System for the Web, and we’re iterating it to make sure it provides tremendous user and developer value while preserving real user choice. Then, we built Persona into the Firefox OS phone.

    faster, especially on data connections

    We’ve done a good bit of work to make Persona faster on slower data connections. We optimized our font delivery. We optimized our crypto library. Overall, Persona is now twice as fast as it was a few months ago. And we’ve got more tricks up our sleeve to continue to make Persona fast.

    innovation: from mobile to desktop

    We started by innovating on mobile, with native Persona on Firefox OS. The mobile constraints helped us focus our native implementation and make the right engineering compromises. Now, we’re taking those lessons and bringing them to Firefox on Android and Desktop. Native Persona support on all versions of Firefox is coming.

    As always, we welcome your questions and comments on our mailing list, or via the #MozillaPersona hash-tag on Twitter.

  9. Persona is distributed. Today.

    Mar 26, 2013 — by benadida

    With Persona, you can log into web sites using the email address of your choice. The first time you use an email, our servers send you a confirmation link. By following that link, you confirm your identity to Persona, which then vouches for your ownership of that email address.

    Of course, in the long term, Persona is meant to be distributed: alice@example.com should be verified and certified by the administrators of example.com. If example.com wants to use 2-digit passwords, they can. If they want to use retinal scans powered by your webcam, they can. It’s up to them. With each domain able to customize its authentication protocol with its users, the Web becomes more secure.

    Did you know that Persona supports this today?

    If you own a domain, you can claim your users without asking Mozilla. Just follow the Persona Identity Provider protocol as described in our Identity Provider Guide. You can also start with the code for eyedee.me, our example Identity Provider. Just connect this code to your user database and advertise your domain as a Persona Identity Provider.

    Pragmatic, Gradual Distribution

    We don’t expect the world to switch over to a distributed authentication protocol overnight. In fact, we expect to be running the Persona Identity Provider, which we call the Fallback, for a long time and for a lot of users. Building new distributed protocols takes time.

    That said, we’re not waiting around to make Persona capable of distributed authentication. For those users and domains who want it, Persona is already distributed. We think that’s pretty cool.

    As always, we welcome your questions and comments on our mailing list, or via the #MozillaPersona hash-tag on Twitter.

  10. we’re changing our privacy policy

    Mar 22, 2013 — by benadida

    "We’re changing our privacy policy…" Does that sentence fill you with dread? Most of the time, unfortunately, it should. Too many web services change privacy policy to increase collection and use of your data. It’s often hard to keep up with these changes.

    In this case, you can rest easy. We’re making the Mozilla Persona privacy policy better for users. We simply noticed that we claimed we were retaining data which, in fact, we do not retain. Specifically, we do not retain the list of sites you visit with Persona. We’re tightening the language of the privacy policy to state that explicitly.

    At Mozilla, we use your data only to serve you. We also work hard to minimize how much data we collect: we don’t collect data preemptively, “just in case” we need it for future features. Check out the Mozilla Privacy Principles.

    And since all our code is public, you can review the privacy policy patch we just committed to our public code repository. This policy should go live in the next couple of weeks.

    As always, we welcome your questions and comments on our mailing list, or via the #MozillaPersona hash-tag on Twitter.