The four currently available signup/login methods are all keyed by email address and can be used interchangeably if you use the same email address at each service:
It’d be nice if Persona could be the only method. Unfortunately its future is uncertain. To keep an eye on it or better, to help, see its mailing list.
Makes sense! Thanks for setting this up. Ready for the ride.
Ni! Cool, I’ve logged in with Persona. But is there no option to allow OpenID? I serve my own OpenID now, because every up-to-date RedMatrix server is now an OpenID provider. ;D
AFAICT there isn’t an option to allow user-specified OpenID authentication, as opposed to using OpenID behind the scenes for specific providers. Nearest to I direct answer I could find. If you find different let me know.
I still regularly see questions about what’s up with Persona, including on the topic for the Discourse Persona plugin, and wonder myself.
There’s a bullet-point write up at https://wiki.mozilla.org/Identity/Persona_AAR which links to an informative comment from the person at Mozilla who the Persona team apparently worked for, at least 594 days ago. Those found in comments about Persona (also informative) in a recent HN thread.
I’d really enjoy it if someone were to synthesize all that info into a detailed neutral analysis of where Persona went wrong and how it might be rebooted successfully.
For now, perhaps indefinitely, Mozilla continues to run Persona servers and some Mozillians fix security bugs on their own time, and several Mozilla websites still use Persona, as do various other websites such as Discourse ones with the Persona plugin activated. Seems like a great candidate for Mozilla to re-fund with its just announced Mozilla Open Source Support program with initial funding of $1 million: Mozilla relies on Persona and there’s no other open web play in that space (in contrast with many of the programs Mozilla relies on, which are one of many, e.g., web frameworks).
Is there a complete OpenID plugin for more than just Google? That would be nice
Edit: I did some searching and still don’t find one. I guess I should add that to me list of things to maybe work on some day.
BTW I noticed your comment:
Persona was always weird. An OpenID knock-off (where OpenID is a SAML knock-off) long after OpenID was already very popular.
Maybe Persona isn’t technically interesting, but it seemed better positioned for mass adoption: email as identifier familiar, shim allow most people to do easy thing and rely on central service, while the protocol completely supports decentralization, and Mozilla could have built it into Firefox.
I guess the opportunity has passed. I hang onto it largely because I don’t see another semi-viable option at this point (other than, of course, storing user credentials everywhere, or having Google and Facebook do that for everywhere).
Chris Webber mentioned the Open Credentials group, but I haven’t looked into it yet.
What is the path forward now? Whatever it is, having potential for being a default login method shipping in software like Discourse seems like a minimum mass adoption bar to me.
(Hm… time to set a proper password here!)
In my view all these working groups won’t get us anywhere interesting.
Hubzilla (the platform that evolved from Redmatrix, which was the experiment that evolved from Friendica) has solved these and more important issues that these groups don’t even recognize, in an elegant way, still nobody cares.
As far as I get it these groups actively avoid approaching the real issues regarding identity on the web, those that are disruptive of the status quo and lead to the ideas that HZ has deployed (and tested, and improved, for years now).
What they’re trying to achieve ain’t gonna change a thing on the Internet. They act like engineers ordered by suits (which, not coincidentally, most of them in fact are) to reinvent the square wheel while there are hackers in garages out there riding formula ones.
I’ve been dimly aware of Hubzilla and ancestors for a long time and certainly should pay more attention. OK, where is the best place to learn how it works, and “these and more important issues that these groups don’t even recognize, in an elegant way” – https://github.com/redmatrix/hubzilla/blob/master/doc/zot.md ?
BTW there’s no enwp article about Hubzilla, but I just created https://www.wikidata.org/wiki/Q22115408 – facts wanted.
That’s a good starting point, there’s also some interesting notes here that help understanding what is going on with:
Devel help files on any hub:
Notes on magic-auth
Notes on DNS insulation
Essentially, it is about creating a web where identity and privacy are built in a way that keeps the member independent from the server.
Not only can I communicate and be recognized transparently between servers, but when moving (or cloning - after all with the Internet we can be in two places at the same time) my account and content from one server to another, there’s zero overhead in terms of reestablishing connections and permissions.
Persona is shutting down in 30 days. According to https://meta.discourse.org/t/persona-login-plugin/13086/29 people who have Persona-only logins to Discourse instances like this one can use “forgot your password” to get a regular password.
Maybe not coincidentally its “spiritual successor” Portier was announced today: discussion. Seems self-hosted only.
https://github.com/portier/portier.github.io/blob/master/OtherProjects.md has comparison with other projects including Persona and an evaluation of Persona.
Hopefully someone will make a Discourse integration. I imagine a Hubzilla integration would be harder as Discourse really wants an email address.