One of Mozilla’s lesser-known projects is Persona, a login system that aims to eliminate site-specific passwords so you can log in with your existing email accounts without having to type in a password. Its aim is somewhat similar to what Google, Facebook and others are doing with their login systems, though Mozilla’s philosophy is obviously quite different.
Persona uses email addresses to authenticate users and starting today, all Gmail users will be able to use Persona to log in to the sites that support it (and to be honest, there aren’t all that many yet) right out of the box without having to sign up for it in the first place.
As a Mozilla spokesperson told me, the company did not work with Google on this project. Instead, it is using Google’s publicly available OpenID endpoint to “bootstrap a Persona transaction.” It’s worth noting that for now, Persona only supports regular Gmail addresses. While the team is interested in adding support for Google Apps accounts, it’s not clear when it will start supporting these.
Today’s announcement comes almost exactly four months after the company announced the same feature for all Yahoo logins. Today’s addition of Gmail, Mozilla says, means Persona now supports “more than 700,000,000 active email users” – or “about 60-80% of people on most North American websites.”
In most cases, signing in to sites that support Persona just takes a click or two. The authentication is based on public-key cryptography. Unless you are using a Yahoo or Gmail address, you will still have to sign up for Persona to get started and run through the usual email verification process. For these two services, however, Mozilla now uses what it calls an identity bridge, which essentially uses the email provider’s existing OAuth gateway or OpenID endpoint to verify your identity . As long as you stay logged into your Yahoo or Gmail accounts, signing in to third-party sites that support Persona will just take a single click.
Mozilla will use Persona in its own Firefox OS, but outside of the company’s own services, Persona hasn’t gotten much traction yet. Indeed, you’ll probably be hard-pressed to find a site that uses it, so if you want to give it a try, head over to Mozilla’s Webmaker or its 123done demo. Given how easy Persona is to use from a user’s perspective, it’s a shame that there aren’t more services that support it. But maybe now that millions of new email addresses will just work with it out of the box, it will give developers more confidence in the system and get them to support it.