How Mozilla intends to make passwords a thing of the past

It is people’s continued need to access their Facebook or Gmail account that passwords have become so important. What one will do when he/she has forgotten his/her password and cannot access the email account, most importantly, social networking account. It is a dilemma that leads to a lot of frustration. But, could that change? Yes, according to Mozilla. Mozilla launched BrowserID is a new experimental project that simplifies the sign-in process for websites, eliminating the necessity of passwords which was the only way to guarantee privacy.

Mozilla's BrowserID

The game changer:

With Mozilla’s BrowserID, there is no requirement of passwords or the sign-up/verification processes to enter any website. Through an email address associated with BrowserID, users can sign in to websites easily with no further demands for identity proof. The project utilizes the users’ email address to substitute the login details of all the well-known websites such as Google, Twitter and Facebook.

The procedure is very simple. A user logs in to a website but instead of entering the site-specific password, BrowserID intercepts the request and asks to select any one of the email addresses through which the user’s identity can be authenticated.

It is only for a single time that the user is required to verify his/her email addresses after which the BrowserID service uses crypto keys attached to the email address to verify that it is indeed the owner trying to enter the account. Therefore, no future sign-ins are necessary.

Big players:

1. Intel® Identity Protection Technology

Identity thieves have begun using more advanced methods to steal information. A smart innovation from Intel, Intel® Identity Protection Technology, offers double protection against third-party intruders. Intel has built a two-factor authentication procedure into the processors of specific next generation Intel® Core™ processor-based PCs as standard precaution against identity theft. One factor is a username and password while the second, in the case of Intel IPT, is a six digit One-Time Password (OTP) in the user’s PC. Intel IPT ensures this code changes every 30 seconds. It will be very difficult to hack this kind of security.

2. Apple

Apple is also very enthusiastic about such technologies that render passwords and IDs redundant. The company has invested in Near Field Communication Technology that makes the transferring of data over short distances comparatively secure and dependable. The company plans to integrate the technology into the iPhone 5.

3. Google

Google is building on its already existing security measures by encouraging users to relate their sign-on password with their cell phone number. In case, a password is hacked, a new one is sent to the phone, effectively enhancing online security.

Turning point

Mozilla spokesmen is optimistic that BrowserID will successfully triumph over other developed and newly produced technology because of its virtues.

Decentralized- Users do not have to go through third-party channels to access their account on major websites. The BrowserID enables any email address to be used in place of a password.

Ownership-Based Authentication- BrowserID vouches for the users identity by underlining the users' ownership of an exclusive email address.

Improvements- BrowserID is wired for further advancements with the aim of heightening user experience in addition to meeting the requirements of numerous browser vendors.

What makes BrowserID stand apart?

BrowserID is appreciated for streamlining the user experience. An user can easily confirm his identity via the "verified email protocol" rather than remembering a site-specific password, not to mention fewer confirmation messages in the due process of entering the website.

Asymmetric cryptography and digital signatures provide added security for users' sign-up. Browsers create signature details about the user and the information is verified by the identity provider using a key-email pair.

It is very simple to communicate between domains with the cross document messaging system. Apart from accessibility assured with more than one email address, BrowserID will work in tandem with all modern web browsers. Another feature of BrowserID that will gain users' trust is that Mozilla assures the users that their information will be not leaked to any other server.

Applications

Once system is online and fully functional, it will avert a lot of disasters such as the mayhem caused by a group of hackers named Anonymous (LulzSecAnti-Sec). Planning is underway to allow the traditional login and BrowserID simultaneously to be featured on sites like WordPress. Moreover, BrowserID will be compatible with all the major web browsers. Internet users will welcome this additional promise of security and privacy.