Mozilla Persona Signs Out
Written by Lucy Black   
Wednesday, 13 January 2016

Persona, the single-sign-on solution from Mozilla will shut on November 30, 2016 due to a low level of take up.

 

 

Launched in 2011, Persona's approach to protecting user identity is to put the user's browser in the middle of the authentication process: the browser obtains credentials from the user's email provider, and then turns around and presents those credentials to a website. The email provider can't track the user, but websites can still be confident in the user's identity by cryptographically verifying the credentials.

Initially users had to set up a Persona Id but, taking the browser-based identity idea even further Mozilla introduced Identity Bridging with the Beta 2 release of Persona so that users could sign in to Persona-powered websites with just a few clicks using their existing email account credentials.With dedicated Yahoo and Gmail identiy bridges Persona had a potential of 700 million users.

The trouble is that few sites adopted this solution. So while you are often invited to sign into sites using you Google or Facebook credentials, you'll rarely be prompted to use Persona. 

 

signin

 

The advantage that Persona offered users is that they didn't have to share anything other than their identity - whereas when you use you Google or Facebook credential the receiving site often wants access to your social profile and even your contacts.

Even so this failed to encourage take up of the service and the Mozilla Wiki post that announces the shut down explains that the persona.org service is being shut down because:

Our metrics show that usage of persona.org is low, and has not grown over the last two years.

Hosting a service at the level of security and availability required for an authentication system is no small undertaking, and Mozilla can no longer justify dedicating limited resources to this project.

The service will be supported at a maintenance level until November 30, 2016 and on that date will be taken offline and all user date stored on it will be destroyed.

Mozilla states:

Since the privacy of user data is of utmost importance to Mozilla, we will not transfer it to any third parties.

For the same reason Mozilla will keep control of the persona.org domain rather than selling it or transfer it to a third party. 

The code for Persona is open source, so one option for sites that rely on it would be to self-host an instance of the service dedicated to their own use. However. the wiki entry states:

This approach is not recommended. Persona has a large and complex codebase that has not seen significant development in several years.

This is another example of Mozilla finding that is trying to do more than it can with its resources. Walking away from Persona seems eminently sensible as the amount of damage that will be caused is limited and giving those affected 10 months should be plenty of time to find an alternative. 

personasq

 

 

Banner


Improved Code Completion With JetBrains Mellum
29/10/2024

JetBrains has launched Mellum, a proprietary large language model specifically built for coding. Currently available only with JetBrains AI Assistant, Mellum is claimed to provide faster, sm [ ... ]



Apache Releases Tomcat 11
07/11/2024

Apache has announced the release of Tomcat 11, as well as marking the 25th anniversary of the first commit to the Apache Tomcat source code repository since becoming an ASF project.


More News

 

espbook

 

Comments




or email your comment to: comments@i-programmer.info

Last Updated ( Wednesday, 13 January 2016 )