Weaving Identity into the Browser

(via Dion Almaer and ReadWriteWeb)

Mozilla Labs posted a screencast yesterday of a new feature as part of the Weave project, which enables OpenID at the browser level, which will have potentially significant impact on adoption and use of portable identity technology.

Mozilla Weave Logo Weave is a Mozilla Labs project, started back in December of 2007, which (before this latest announcement) was mostly known for their Sync service, which can synchonize (and keep in sync over time) bookmarks, saved passwords, browsing history, and tabs, keeping your firefox browser experience consistent across multiple computers. It’s quite useful for those of us who have a work desktop, home desktop, and laptop, or some other combination of multiple computers regularly used.

This new effort, however, integrates OpenID into the Firefox user experience:

Our sprint changes the browser to provide single-click login to sites with saved passwords as well as sites that support a federated identity (OpenID in this case). It also provides the option to automatically sign in when the page is loaded, essentially providing a single-sign-on-like experience regardless of the login method being used. In the case of OpenID, we intercept the login procedure and, taking advantage of the fact that you’re already logged into your browser, and then use Weave identity to let you into the site.


Unfortunately, for now, you have to install the latest weave development build which also requires you to be running Firefox 3.5 beta, so it isn’t really quite ready for public consumption.

There’s also, of course, the risk that people will use this poorly – storing saved OpenID on shared machines, etc – but I think the model of allowing the browser – after you’ve logged into it – to login on your behalf – will be a really good UX improvement over time, and one I hope the other browsers will take up and implement themselves.


  1. One thing that may be interesting for Mozilla to try is to create a “public version” of Firefox to be run on public machines which doesn’t have the save password or now wouldn’t contain the openID feature. Call me paranoid but I often get worried about staying logged in at work. I work with some pretty good people who I don’t think would do anything to jeopardize my accounts but security is always important.

    Thanks for sharing this John.

  2. I think the plan is for it to be an add-on (it certainly is for now), and I think you can restrict who can install add-ons for Firefox.

Comments are closed.