How convenient would it be if you did not have to have different login details for a range of sites? And if you could store your user data more securely? Mozilla has started to look into this and has just launched BrowserID, an experimental tool that stores your identity information inside your browser.
Mozilla claims that with BrowserID there will be a better and easier way for users to sign in. A user can prove their ownership of an email address with fewer confirmation messages and without site-specific passwords. This experiment forms part of a wider exercise by Mozilla which concentrates on exploring and changing the way user identity works on the web.
These are some of the key aspects of this new way of signing in, as proposed by Mozilla:
- Single verification – With BrowserID users will only have to verify their email address once before they can use BrowserID to sign into any website supporting BrowserID with two clicks.
- Email address confirmation – If the user is logged into BrowserID, all email addresses associated with the respective account are displayed automatically. The user then has to to select one, or use the default selection, and click the Sign In button in the window afterwards. A password does not need to be entered anymore.
- Secure – The Verified Email Protocol that the BrowserID uses is entirely based on a user’s email address (as opposed to the OpenID which is typically based on a user ID or user-specific URL). The idea behind using verified emails is that it should be easier and more secure for the user to control. Sites get proof of ownership using public key cryptography.
- Cross-browser – Not unimportantly, BrowserID will work on all modern web (including Internet Explorer) and mobile browsers.
- Decentralised – Anyone with an email address can sign in with BrowserID.
Related links for further learning: