Mozilla has announced a Gmail identity bridge for its web login system that eliminates the need for site-specific passwords. Together with the existing Yahoo identity bridge this means that Persona now supports more than 700 million active email users.
Persona's approach to protecting user identity is to put the user's browser in the middle of the authentication process: the browser obtains credentials from the user's email provider, and then turns around and presents those credentials to a website. The email provider can't track the user, but websites can still be confident in the user's identity by cryptographically verifying the credentials.
Initially, users had to set up a Persona IdP. Taking this idea even further, Mozilla introduced Identity Bridging with the Beta 2 release of Persona so that users could sign in to Persona-powered websites with just a few clicks using their existing email account credentials.
In principle, Persona can employ identity bridging for any email provider that supports OpenID or OAuth for authentication. At first the facility was restricted to those with Yahoo email accounts, but it has now been extended to Gmail.
The blog post by the Mozilla Identity team announcing this expansion claims that Persona's "native support" covers 60 to 80 percent of people on most North American websites, providing a convenient way for users to log in to Persona-powered websites. This is outlined in this video, which demonstrates its use on Mozilla's own Webmaker site.
What is needed now is for more websites to adopt the Persona login system. The Quick Setup Guide on the Mozilla Developer Network outlines five steps:
- Add “login” and “logout” buttons
- Watch for login and logout actions
- Verify the user’s credentials
- Review best practices
and claims that "you should be able to get up and running in a single afternoon".
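The "verify the user's credentials" step is where a site decides whether to create a session, so the server has to check more than a success flag. The Python below is an added example, not code from Mozilla's guide: it assumes the verifier answers with JSON carrying `status`, `email`, `audience`, `expires` and `reason` fields, and the origin and sample responses are constructed for illustration.

```python
import json

# Assumption: the site's own origin, fixed in configuration. Never derive it
# from the request's Host header, which the client controls.
EXPECTED_AUDIENCE = "https://shop.example:443"

class AssertionRejected(Exception):
    """The verifier response must not be turned into a login session."""

def email_from_verifier_response(body, now_ms, audience=EXPECTED_AUDIENCE):
    """Return the verified email from the verifier's JSON text, or raise."""
    try:
        resp = json.loads(body)
    except ValueError as exc:
        raise AssertionRejected("response is not JSON") from exc
    if not isinstance(resp, dict):
        raise AssertionRejected("response is not a JSON object")
    if resp.get("status") != "okay":
        raise AssertionRejected(str(resp.get("reason", "status is not okay")))
    # An assertion issued for another site must not log the user in here.
    if resp.get("audience") != audience:
        raise AssertionRejected("audience mismatch")
    expires = resp.get("expires")  # milliseconds since the epoch
    if type(expires) is not int or expires <= now_ms:
        raise AssertionRejected("assertion expired or expiry missing")
    email = resp.get("email")
    if not isinstance(email, str) or email.count("@") != 1:
        raise AssertionRejected("no usable email address")
    return email

def is_accepted(body, now_ms):
    """True only if every check passes (convenience wrapper)."""
    try:
        email_from_verifier_response(body, now_ms)
        return True
    except AssertionRejected:
        return False

# Constructed sample responses, not captured traffic.
NOW_MS = 1_376_000_000_000
def _resp(**over):
    base = {"status": "okay", "email": "alice@example.org",
            "audience": EXPECTED_AUDIENCE, "expires": NOW_MS + 120_000}
    return json.dumps({**base, **over})

SAMPLES = {
    "valid": _resp(),
    "other site's audience": _resp(audience="https://other.example:443"),
    "expired": _resp(expires=NOW_MS - 1),
    "verifier failure": json.dumps({"status": "failure", "reason": "bad signature"}),
}
```

Only the first sample yields an email address; the other three raise `AssertionRejected`, and a session should be created only from the returned value.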