Life after passwords: Mozilla releases Persona online ID system

Mozilla released an ID system this week called 'Persona,' which promises to be easier and more secure than traditional username/password combinations. However, Mozilla admits the system, still in beta, has a few downsides.

crossword.thetimes.co.uk
Mozilla's "Persona" online ID system uses a single email to sign users in to sites, rather than relying on different usernames and passwords. Here, Persona prompts a user to sign in to the Times Crossword site.

Let's face it: passwords are a pain. The best passwords are non-dictionary words (the word "password," for example, isn't as strong as something like "#PAs$W0rd!"), which makes them difficult to remember. And for maximum security online, experts recommend that you don't use the same password across different sites – which only adds to the complexity.

Mozilla, the software foundation behind the Firefox browser, has a plan to make online security easier. This week the company released a beta version of Persona, a system that lets users securely sign into different sites without having to worry about passwords.

How does it work? Rather than relying on each individual website to authenticate users, Persona makes your Web browser of choice (Safari, Firefox, or others) do the work. Traditionally you'd use a combination of a username and password to sign into, say, a banking site – Persona instead uses your e-mail address.

It works like this: pick an e-mail address and a password to use across Persona. Mozilla will e-mail you at that address to verify that it's really yours. Then, any time you encounter a site that supports Persona (the Times Crossword is one early adopter), you can sign in using that single e-mail and password combination.  

The system automatically verifies that you're the real account owner based on the initial e-mail verification. The sites themselves never see your Persona password. Persona does, of course, see your password. The Times Crossword (for example) does not. This feature may reduce your risk of having your password hacked, since it limits individual sites' exposure to your sensitive information.

Mozilla says Persona is identity management that "just works," and it's clearly excited about the service's potential (for what it's worth, most of Mozilla's sites already implement Persona). It's worth pointing out, too, that the service works with all the major desktop browsers – including Opera – as well as with mobile browsers for iOS and Android. You can even create a few different identities with different e-mail addresses, if you want to keep your work and home life separate.

That said, Persona does have at least one downside: since it's still more or less in its infancy, the service doesn't have widespread support from website owners or from individual users. Mozilla admits that the service will be more useful and more secure once it's supported by websites, browsers, and e-mail providers, but that the system "can't get a critical mass of users without support from the above groups." In the meantime, the company has implemented some clever workarounds that allow the service to work smoothly even though it's not totally supported across the board.

For more on how technology intersects daily life, follow us on Twitter @venturenaut.

You've read  of  free articles. Subscribe to continue.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.