The Web beyond "usernames & passwords" (OSDC12)
15. bcrypt
0 1 2
2
per-user salt
site secret
lockout policies
password guidelines
password
secure recovery
19. # hits
signup signup_complete
20. # hits
lost customers
signup signup_complete
25. so...
storing passwords is hard
26. so...
storing passwords is hard
no suitable alternatives
39. you have a signed statement from your
provider that you own your email address
48. assertion
wikipedia.org
Valid for: 2 minutes
49. assertion
wikipedia.org
Valid for: 2 minutes
check audience
50. assertion
wikipedia.org
Valid for: 2 minutes
check audience
check expiry
51. assertion
wikipedia.org
Valid for: 2 minutes
check audience
check expiry
check signature
53. assertion
wikipedia.org
Valid for: 2 minutes
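// slide 73
// Wire the page to Persona. `loggedInEmail` is the address the site's own
// session already considers signed in (the next slide spells the same field
// `loggedInUser`); the library compares it with the browser's state and fires
// onlogin / onlogout only when the two disagree.
navigator.id.watch({
  // Straight quotes: the slide used typographic quotes, which do not parse.
  loggedInEmail: 'francois@mozilla.com',
  // Receives a signed assertion from the browser. It is an untrusted claim
  // until the server has checked audience, expiry and signature, so the only
  // thing to do with it client-side is to forward it.
  onlogin: function (assertion) {
    $.post('/login',
      {assertion: assertion},
      function (data) {
        // do something (placeholder in the original slide)
      }
    );
  },
  // The browser says the user logged out: let the server end the session.
  onlogout: function () {
    window.location = '/logout';
  }
});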
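// slide 74
// Same wiring as before with the field under its later name, `loggedInUser`:
// the address the server-side session believes is signed in, so the library
// can tell whether the browser and the site agree.
navigator.id.watch({
  // Straight quotes: the slide used typographic quotes, which do not parse.
  loggedInUser: 'francois@mozilla.com',
  // The assertion is only a claim; the server decides after verifying it.
  onlogin: function (assertion) {
    $.post('/login',
      {assertion: assertion},
      function (data) {
        // do something (placeholder in the original slide)
      }
    );
  },
  onlogout: function () {
    window.location = '/logout';
  }
});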
// slide 75
// Persona wiring for a page whose server-side session has nobody signed in
// (loggedInUser: null). The handlers are named functions kept inside an IIFE
// so they do not leak into the global scope.
(function () {
  // Forward the browser-issued assertion to the server, which must verify it
  // before treating the user as logged in.
  function handleLogin(assertion) {
    $.post('/login', {assertion: assertion}, function (data) {
      // do something
    });
  }

  // Let the server tear down its session.
  function handleLogout() {
    window.location = '/logout';
  }

  navigator.id.watch({
    loggedInUser: null,
    onlogin: handleLogin,
    onlogout: handleLogout
  });
}());
// slide 76
// Identical wiring to slide 75, written with the options object built up
// step by step: nobody is signed in server-side (loggedInUser: null), the
// login callback ships the browser's assertion to /login, the logout callback
// sends the browser to /logout.
(function () {
  const options = {loggedInUser: null};

  options.onlogin = function (proof) {
    const onResponse = function (data) {
      // do something
    };
    $.post('/login', {assertion: proof}, onResponse);
  };

  options.onlogout = function () {
    window.location = '/logout';
  };

  navigator.id.watch(options);
}());
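// slide 77
// Persona wiring that redirects to the front page once the server has
// accepted the assertion, and reports back to the library when it has not.
navigator.id.watch({
  // What the site's own session currently believes; null = nobody signed in.
  // NOTE(review): a page rendered for an already-signed-in user should pass
  // that user's address here, otherwise the library presumably fires onlogin
  // on every load — confirm against the server-side session.
  loggedInUser: null,
  onlogin: function (assertion) {
    $.post('/login',
      {assertion: assertion},
      function (data) {
        // Only reached on a 2xx response, i.e. once the server has verified
        // the assertion (audience, expiry, signature) and opened a session.
        window.location = '/';
      }
    ).fail(function () {
      // The server rejected or could not verify the assertion. Tell the
      // library, so the browser-side login state is cleared to match the
      // server's instead of silently staying "logged in". Assumes /login
      // answers a failed verification with a non-2xx status — confirm.
      navigator.id.logout();
    });
  },
  onlogout: function () {
    window.location = '/logout';
  }
});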
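// slide 83
// Same wiring as slide 77: the browser's assertion goes to /login, a
// successful answer sends the user to the front page, a failed one is
// reported back to the Persona library.
navigator.id.watch({
  // Address the server-side session believes is signed in; null means none.
  loggedInUser: null,
  onlogin: function (assertion) {
    $.post('/login',
      {assertion: assertion},
      function (data) {
        // Success callback: the server verified the assertion and opened a
        // session, so the redirect is safe here and nowhere earlier.
        window.location = '/';
      }
    ).fail(function () {
      // Verification failed server-side: clear the browser's login state so
      // it agrees with the server. Assumes /login signals a failed
      // verification with a non-2xx status — confirm.
      navigator.id.logout();
    });
  },
  onlogout: function () {
    window.location = '/logout';
  }
});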
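// slide 84
// Persona wiring that lands the user on /home after the server has verified
// the assertion, and hands a failed verification back to the library.
navigator.id.watch({
  // What the site's own session currently believes; null = nobody signed in.
  loggedInUser: null,
  onlogin: function (assertion) {
    $.post('/login',
      {assertion: assertion},
      function (data) {
        // 2xx from /login: the server checked audience, expiry and signature
        // and accepted the assertion, so the user may proceed.
        window.location = '/home';
      }
    ).fail(function () {
      // Non-2xx from /login: do not redirect, and reset the browser-side
      // login state so it matches the server's. Assumes the server answers a
      // failed verification with an error status — confirm.
      navigator.id.logout();
    });
  },
  onlogout: function () {
    window.location = '/logout';
  }
});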
# slide 85
# Hand the browser-issued assertion to Mozilla's verifier. `audience` must be
# the relying party's own origin (scheme + host [+ port]), fixed on the server
# and never copied from the client request: the verifier only confirms that
# the assertion was issued for the audience named here.
curl --data "assertion=<ASSERTION>&audience=http://123done.org" \
  https://verifier.login.persona.org/verify
# slide 86
# Same verification request as slide 85: POST the assertion together with
# this site's own origin as the audience to the public verifier over HTTPS.
# The answer (next slides) carries status, audience, expiry and email.
curl --data "assertion=<ASSERTION>&audience=http://123done.org" \
  https://verifier.login.persona.org/verify
87. {
status: "okay",
audience: "http://123done.org",
expires: 1344849682560,
email: "francois@mozilla.com",
issuer: "login.persona.org"
}
88. {
status: "failed",
reason: "assertion has expired"
}
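// slide 93
// Final form of the wiring (same as slide 84): forward the assertion, go to
// /home once the server has verified it, and report a failed verification
// back to the library instead of leaving the browser "logged in".
navigator.id.watch({
  // Address the server-side session believes is signed in; null means none.
  loggedInUser: null,
  onlogin: function (assertion) {
    $.post('/login',
      {assertion: assertion},
      function (data) {
        // Reached only on a 2xx response: the server has verified the
        // assertion and holds the session, so redirecting is safe.
        window.location = '/home';
      }
    ).fail(function () {
      // Verification failed or the request errored: clear the browser-side
      // Persona state so it agrees with the server. Assumes /login uses a
      // non-2xx status for a rejected assertion — confirm.
      navigator.id.logout();
    });
  },
  onlogout: function () {
    window.location = '/logout';
  }
});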
97. 1. load javascript library
2. setup login & logout callbacks
3. add login and logout buttons
98. 1. load javascript library
2. setup login & logout callbacks
3. add login and logout buttons
4. verify proof of ownership
99. play with Persona
on your site
tell us about your
experience
email one site
asking for it
100. To learn more about Persona:
https://login.persona.org/
http://identity.mozilla.com/
https://developer.mozilla.org/docs/Persona/Why_Persona
https://developer.mozilla.org/docs/Persona/Quick_Setup
https://github.com/mozilla/browserid-cookbook
https://developer.mozilla.org/docs/Persona/Libraries_and_plugins
http://123done.org/
https://wiki.mozilla.org/Identity#Get_Involved
@fmarier http://fmarier.org
101. Photo credits:
Top 500 passwords: http://xato.net/passwords/more-top-worst-passwords/
Parchment: https://secure.flickr.com/photos/27613359@N03/6750396225/
Elephant in room: https://secure.flickr.com/photos/bitboy/246805948/
Cookie on tray: https://secure.flickr.com/photos/jamisonjudd/4810986199/
Uncle Sam: https://secure.flickr.com/photos/donkeyhotey/5666065982/
© 2012 François Marier <francois@mozilla.com>
This work is licensed under a
Creative Commons Attribution-ShareAlike 3.0 New Zealand License.