BrightSide introduces Persona, a Single Sign On system developed and hosted at Mozilla
OpenID has been the SSO universally accepted in social networks, once accepted that not everyone using it kwew what was this all about. Persona, formerly BrowserId, irrupted in SSO world with force, simplicity and open sourced. The ingredients seem perfect to atract developer interes.
Sign once, be recognized ever
That's what we expect from an SSO, not being asked every time for our nick name and password. The fact that security is one of the main factors when we sign into a system, may not be so atractive to the final user, but it is to developers. SSO systems are secured with SSL and this is a must have requirement for web based aplications.
BrightSide implementation of Persona
BrightSide allows and recomends using Persona to sign into the system. Major benefits:
- Sign without password, but with your email. Persona takes care of asking, whether necessary, the Persona password.
- Verify your identity using your own email.
- Long term sessions.
- Sign in and out of web sites separately. Persona remembers where the session was audited.
- Sign up in less than one minute, manage your account in Persona's site.
- Single account, multiple web sites.
How it works
Persona site already has multiple examples on different languages. Anyway, I'll publish the source code with the main changes I made to achieve the implementation. I'll also try to provide an easy explanation on how the system works and which security risks you may avoid on your system.
Learn more about Persona at https://login.persona.org.