Mozilla Aims To Make Passwords Obsolete
Mozilla is working on a project that could eliminate the need for passwords and the sign-up/verification processes on websites. Mozilla's BrowserID is an experimental way of logging in to websites. BrowserID uses the verified email protocol and aims to offer a streamlined user experience. After a user proves ownership of an email address, they will be able to use that address with BrowserID to sign in to websites quickly and easily—no passwords or further verification of your email address are necessary.
Introducing BrowserID: A better way to sign in
Jul 14, 2011 — by millsd
Today we’re excited to announce BrowserID: an experimental new way of signing into websites. Our goal with BrowserID was to design something safe and easy for users and the developers. We’d love for you to try it out and let us know what you think.
For a Web developer, creating a new application always involves an annoying hurdle: how do users sign in? An email address with a confirmation step is the classic method, but it demands a user’s time and requires the user to take an extra step and remember another password. Outsourcing login and identity management to large providers like Facebook, Twitter, or Google is an option, but these products also come with lock-in, reliability issues, and data privacy concerns.
With BrowserID, there is a better way to sign in. BrowserID implements the /verified email protocol/, which offers a streamlined user experience. A user can prove their ownership of an email address with fewer confirmation messages and without site-specific passwords.
- Easy to use
Users gain a streamlined one-click experience that feels the same on any site they visit. Developers save time by deploying BrowserID, eliminating the need to implement email verification. Check out the links at the end of the post for more information.
BrowserID implements the Verified Email Protocol, which is designed with security in mind. Sites get proof of ownership using public key cryptography—but don’t worry, we have a verification service so you can get started without writing a single line of crypto code.
BrowserID will work on all modern browsers, including recent versions of IE, and on mobile browsers!
Anyone with an email address can sign in with BrowserID, and email providers can implement BrowserID support to make the system even easier for their users.
- Even better on future browsers
- Respects user privacy
Unlike other sign-in systems, BrowserID does not leak information back to any server (not even to the BrowserID servers) about which sites a user visits.
BrowserID is highly experimental and we’re still iterating, today we’re happy to announce the launch of a prototype for community review. We’d love for you to try it out and let us know what you think. To get started check out the quick tutorial and demo site.