Mozilla is finally and officially closing its Persona Web authentication system after coming to the conclusion that the technology was not being adopted.
Using and storing passwords securely has always been a challenge on the Internet. The promise of Persona was to make Web authentication easier than users needing to remember a separate login for every Website. With Persona, a verified user email that is securely stored by the browser is all that is needed to get access to a site.
The challenge is that both Websites and users needed to support and use the mechanism, which never really happened. Mozilla first started building the Persona technology under the name BrowserID in 2011. At the time, BrowserID was seen by Mozilla as a potential rival to the OAuth standard, which is now widely used by Websites to enable single-sign-on access.
Although Mozilla wasn’t directly developing the Persona technology, since the technology is all open-source, the hope was that a community would develop around Persona to push it forward, but that never happened.
“Due to low, declining usage, we are reallocating the project’s dedicated, ongoing resources and will shut down the Persona.org services that we run,” Mozilla announced on a wiki page about the Persona shutdown.
Mozilla isn’t immediately pulling the plug; it’s giving those that do rely on its Persona infrastructure until Nov. 30, 2016, before all services are finally shut down. The actual open-source code for Persona will remain open source and available on Github.
While Mozilla is walking away from Persona, it has been working on and is now using another technology called Firefox Accounts that integrates with the Firefox Web browser that enables users to synchronize activities across mobile and desktop versions of Firefox.
“Persona is designed to be a dead-simple email verification tool, while Firefox Accounts is a full-fledged, persistent account system,” the Mozilla identity Website explained. “By developing them separately, we’re able to keep each project lean and focused on its own use cases.”
Scott Petry, CEO and co-founder of security vendor Authentic8, isn’t surprised that Mozilla is shutting down Persona.
“There are a variety of federated authentication solutions available, and many are not reaching critical mass,” Petry told eWEEK. “Persona wasn’t able to cross an adoption tipping point to make it stick.”
The Security Assertion Markup Language (SAML) standard is one such authentication technology that is gaining acceptance for federated identity. However, Petry noted that adoption is partially driven by SAML’s integration with enterprise identity solutions.
“Persona wasn’t trying to establish itself as a robust federated authentication system as much as it was trying to provide a more anonymous method for individuals to be able to log in to Websites with some degree of privacy,” Petry said. “That’s a more nuanced message to the market and a much harder target market to get to adopt en masse.”
Originally published on eWeek.
OpenAI reportedly set to finalise design for first in-house AI chip within months, putting it…
Chinese AI start-up DeepSeek discontinues promotional pricing for V3 large language model as demand surge…
US researchers say innovative technique delivers performance beating recent OpenAI model with training costs of…
World's biggest EV maker BYD to bring advanced self-driving features to nearly all vehicles, in…
China representative at AI Action Summit says tensions with US hindering safety efforts, trades barbs…
At AI Action Summit, French president Macron, EU digital chief promise to 'simplify' red tape…