Exactly what does Mozilla use to validate in Firefox accounts?

Discussion in 'privacy technology' started by phkhgh, Dec 27, 2019.

  1. phkhgh

    phkhgh Registered Member

    Joined:
    Aug 17, 2007
    Posts:
    182
    Has anyone found details on the exact methods, steps Mozilla is using to "log users in without a password? I've searched & searched & found nothing with real details.
    Are they using oAuth along with something else?

    What are the privacy concerns if someone (who?) is using some data or a unique identifying string.

    If they're using oAuth along w/ something else, where do "they" get (unchanging) data, to identify users? Who's the administrator, if using oAuth w/ other software & getting tokens from the administrator?

    I've got a sinking feeling that Google may be involved. In which case, I may not be.
    For people that want other sites (or sites' software) to login to other investment accts, to up / down load data, etc., I guess that's OK. But it's hard enough maintaining security when only 2 entities are involved.

    Adding a 3rd party - that users have no agreement with (you're not logging into the oauth provider's site) increases odds of data being poorly protected. And oAuth 2 & anything similar has had & will continue to have security bugs.

    I would think if sites or providers started using encrypted password logins, it'd be a lot more secure & not another cook in the kitchen spoiling the soup.

    I would also guess large companies like Google, Mozilla (that are talking about oAuth) are looking more at tracking users on every site / service they offer more than "making it easier for the users."
     
  2. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    1,188
    Location:
    Member state of European Union
    Can you give an example where I can log in using Mozilla account?
     
  3. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    33,678
    OAuth 2.0:

    Introduction to Firefox Accounts
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.