Mozilla Persona Signs Out
Written by Lucy Black   
Wednesday, 13 January 2016

Persona, the single-sign-on solution from Mozilla will shut on November 30, 2016 due to a low level of take up.

 

 

Launched in 2011, Persona's approach to protecting user identity is to put the user's browser in the middle of the authentication process: the browser obtains credentials from the user's email provider, and then turns around and presents those credentials to a website. The email provider can't track the user, but websites can still be confident in the user's identity by cryptographically verifying the credentials.

Initially users had to set up a Persona Id but, taking the browser-based identity idea even further Mozilla introduced Identity Bridging with the Beta 2 release of Persona so that users could sign in to Persona-powered websites with just a few clicks using their existing email account credentials.With dedicated Yahoo and Gmail identiy bridges Persona had a potential of 700 million users.

The trouble is that few sites adopted this solution. So while you are often invited to sign into sites using you Google or Facebook credentials, you'll rarely be prompted to use Persona. 

 

signin

 

The advantage that Persona offered users is that they didn't have to share anything other than their identity - whereas when you use you Google or Facebook credential the receiving site often wants access to your social profile and even your contacts.

Even so this failed to encourage take up of the service and the Mozilla Wiki post that announces the shut down explains that the persona.org service is being shut down because:

Our metrics show that usage of persona.org is low, and has not grown over the last two years.

Hosting a service at the level of security and availability required for an authentication system is no small undertaking, and Mozilla can no longer justify dedicating limited resources to this project.

The service will be supported at a maintenance level until November 30, 2016 and on that date will be taken offline and all user date stored on it will be destroyed.

Mozilla states:

Since the privacy of user data is of utmost importance to Mozilla, we will not transfer it to any third parties.

For the same reason Mozilla will keep control of the persona.org domain rather than selling it or transfer it to a third party. 

The code for Persona is open source, so one option for sites that rely on it would be to self-host an instance of the service dedicated to their own use. However. the wiki entry states:

This approach is not recommended. Persona has a large and complex codebase that has not seen significant development in several years.

This is another example of Mozilla finding that is trying to do more than it can with its resources. Walking away from Persona seems eminently sensible as the amount of damage that will be caused is limited and giving those affected 10 months should be plenty of time to find an alternative. 

personasq

 

 

Banner


PyRobot - Python for Robotics
11/07/2019

We've grown accustomed to hearing about Python being used for pretty much everything, albeit mostly for data science. It's time to consider it for robotics too. 



Mozilla Not An Internet Villain But Still Criticized
12/07/2019

When ISPA, a organization that considers itself the voice of the UK Internet Industry, nominated Mozilla for its 2019 Internet Villain Award, it unleashed a barrage of complaints. This led it to withd [ ... ]


More News

 

appC

 



 

Comments




or email your comment to: comments@i-programmer.info

Last Updated ( Wednesday, 13 January 2016 )