Identity/Features/Sign into the browser

Status

Team

Open issues/risks

Requires coordination with services infrastructure to support BrowserID-based authentication, as well as a key-wrapping feature in BrowserID.

Stage 1: Definition

1. Feature overview

Being able to sign into the browser is a key feature in our identity roadmap. It serves two main purposes:

1. To connect the user to services in the cloud. By signing in to the browser, the user connects to a Persona account, which provides a discovery points for cloud-based services.
2. To enable at least basic support for user (profile) switching in multi-user/shared-device situations.

2. Users & use cases

As a user, I want to know at a glance whether I am signed into the browser, or if someone else is.

As a user, I want to be able to easily find the sign in button/link/option.

As a new user, I want to be able to create an account by providing my email address and choosing a new password.

As a new user, I want to be able to verify my email asynchronously, so that I can use the browser immediately.

As an existing user on a new device, I want to be able to sign into my account using my email address and password.

As an existing user returning to a device, I need to use my password (but not my email) to sign back in.

As an existing user, I want to be able to reset my password if I forget it.

As a new signed-in user, I want to know about the services and features now available to be by having signed in.

As a returning signed-in user, I want to quickly get back to my personalized browser profile.

As a signed-in user, I want to see my list of email addresses (and not a sign-in screen) when I click "sign in" at a Persona-supporting site.

3. Dependencies

`

4. Requirements

• Ability for user to sign in via UI option somewhere (e.g., menu)
• Ability to sign out (stopping any feature that requires sign-in)
• Ability for the user to recognize the currently signed-in account at a glance (or at least with very minimal effort)
• Ability for other Firefox features to trigger sign-in flow
• Email-based authentication using browserid.org accounts
• Should match BrowserID flow except where absolutely necessary (e.g., ask for email first, decide what to do based on the email)
• Ability to create browserid.org accounts
  • Ask for password up-front, but allow deferred verification (see: BrowserID "unverified" flow/feature)
• UI should be unambiguous that the user is interacting with the *browser* (not content)

Non-goals

• master password integration / modal sign-in screen on browser startup

Stage 2: Design

5. Functional specification

Types of users:

• New user come from Mobile first run
• New user come from desktop
• Existing user who use Sync (1 or more device; our server vs. own server)
• Existing Persona ID user

6. User experience design

• New user on desktop: http://people.mozilla.com/~zfang/SignIn/Home.html
• New user on Mobile first run: http://people.mozilla.com/~zfang/SignInMobile/Mobile.html
• Existing sync user: http://people.mozilla.com/~zfang/SignIn_SyncUser/Upgrade.html
• Australis Indicator Mock-up:

Stage 3: Planning

7. Implementation plan

`

8. Reviews

Security review

`

Privacy review

`

Localization review

`

Accessibility

`

Quality Assurance review

`

Operations review

`

Stage 4: Development

9. Implementation

`

Stage 5: Release

10. Landing criteria

`

Feature details

Team status notes