Mozilla Persona: Single Sign On Finally Done Right?

Mozilla Persona, the rebranded name for the foundation’s BrowserID project, just reached its public beta stage. The goal of the project is to create a distributed identity system that removes the need to register and log in to every site you visit. You’ll have an account with either Persona.org or eventually another provider, which will issue session tokens to relying sites when you click on a button to log in on the site.

From a user standpoint, it’s a seamless experience. When you click on a button to log in via Persona, a window pops open and asks you which of your associated email addresses you wish to sign in with. Upon clicking it, you’re logged in to the site for 30 days (or 24 hours on an untrusted computer). You can already try it out on a few sites, such as this beta crossword page on TheTimes.co.uk.

It currently works in all major browsers with the pop-up window, but the eventual plan is for browsers to integrate Persona. So you could have a little button in the upper right corner that shows which Persona is currently active, and have a part of the UI slide down to approve new sites requesting access. (This would be great for public and shared computers. A couple of clicks to sign out of your Persona, and you’ve made sure that your sessions on every site you’ve used are closed. No more leaving Facebook or whatever logged in on a shared computer.)

It’s also very easy to integrate Persona into an existing web site. Easier than Facebook or Twitter sign on, it has been said. It’s just a little bit of JavaScript and a server-side request to a URL.

It’s all kind of like OpenID, only in a form that’s more convenient and easier for ordinary users to understand. You can find a more technical explanation here, along with some links showing how to integrate it with a web site.