Mozilla BrowserID, Sign-In System

Martin Brinkmann
Jul 15, 2011
Updated • Apr 22, 2012

Many contents on the Internet require a user account before they can be accessed and used. This means for users that they have to create an account, by entering one of their email addresses, selecting a password, username and maybe some other information. They often get a confirmation email with a link that they have to load to verify the sign-up. Once that is done they can log into the service or system. This feels redundant considering that users have to repeat the very same process for all the sites that require an account.

We have seen services in the past that try to tackle the issue with a global ID. Open ID is one of those services. You basically create a single account at Open ID and can use the account information to sign in on sites that support the technology.

Mozilla has now introduced their own service, called BrowserID. The technology has been designed to work with all browsers and mobile devices. Users benefit from a streamlined process. They only have to verify their email address once before they can use BrowserID to sign into any website supporting BrowserID with two clicks.

BrowserID displays a popup window when a user clicks on sign In on a website that supports it. If the user is logged into BrowserID, all email addresses associated with the account are displayed. All it takes to sign in is to select one, or use the default selection, and click the Sign In button in the window afterwards. A password does not need to be entered anymore.

Mozilla has published a short tutorial for web developers who want to implement BrowserID on their websites and services. The tutorial is available here on the BrowserID website. There is also a short guide that describes the BrowserID technology.

A blog post over at Mozilla summarizes the benefits of the technology:

  • Easy to use: Users sign up once and can use BrowserID on any website supporting it. They save time and get the same log in experience on all of those sites.
  • Secure: Uses the verified email protocol. Public Key Cryptography is used to verify account ownership.
  • Cross-Browser: Works on all modern browsers
  • Decentralized
  • Future browser support
  • Respects Privacy: Does not leak back information to a server about the sites a user visits.

The project is experimental in its current stage. Plans are to integrate the feature into the Firefox web browser at a later point in time.

It is to early to tell if BrowserID will take of in the future. It might if Mozilla succeeds in implementing BrowserID into the Firefox browser natively.

What's your take on it? (via)


Tutorials & Tips

Previous Post: «
Next Post: «


  1. redapple said on July 17, 2011 at 12:25 pm

    For me, it doesnt look different in any way (besides deeper integration with browser; Firefox only i assume?) than OpenID and OAuth.

    Im using Firefox Sync (since Weave) and Secure Login extension and im completely satisfied.

    And no, im not excited as you guys.

  2. RichF said on July 15, 2011 at 9:13 pm

    Fail-safe? Is any login system fail-safe? It only has to be as hackproof as the commonly used methods now.

    1. TRY said on July 15, 2011 at 10:09 pm

      With all due respect that’s where your assertion is wrong.Haven’t you heard of two-factor authentication?
      Gmail does it with your cellphone, That’s ‘hackproof’ at least for me(don’t know about others)

      Details here,


  3. TRY said on July 15, 2011 at 5:48 pm

    A Welcome step from Mozilla indeed but the real question is it fail-safe from a attacker?
    Can it be exploited? The questions may sound cynical but its the only way to be sure about this browserid security’s true efficiency.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.