Identity/Features/Sign into the browser

{{#set:Feature name=Sign into the browser

|Feature stage=On hold |Feature status=` |Feature version=` |Feature health=OK |Feature status note=` }}

{{#set:Feature product manager=Dan Mills

|Feature feature manager=Dan Mills |Feature lead engineer=Ben Adida |Feature security lead=` |Feature privacy lead=Sid Stamm |Feature localization lead=` |Feature accessibility lead=` |Feature qa lead=` |Feature ux lead=Zhenshuo Fang |Feature product marketing lead=` |Feature operations lead=` |Feature additional members=David Dahl, Anant N., Matthew Noorenberghe, Frank Yan }}

Requires coordination with services infrastructure to support BrowserID-based authentication, as well as a key-wrapping feature in BrowserID.

1. Feature overview

Being able to sign into the browser is a key feature in our identity roadmap. It serves two main purposes:

1. To connect the user to services in the cloud. By signing in to the browser, the user connects to a Persona account, which provides a discovery points for cloud-based services.
2. To enable at least basic support for user (profile) switching in multi-user/shared-device situations.

2. Users & use cases

As a user, I want to know at a glance whether I am signed into the browser, or if someone else is.

As a user, I want to be able to easily find the sign in button/link/option.

As a new user, I want to be able to create an account by providing my email address and choosing a new password.

As a new user, I want to be able to verify my email asynchronously, so that I can use the browser immediately.

As an existing user on a new device, I want to be able to sign into my account using my email address and password.

As an existing user returning to a device, I need to use my password (but not my email) to sign back in.

As an existing user, I want to be able to reset my password if I forget it.

As a new signed-in user, I want to know about the services and features now available to be by having signed in.

As a returning signed-in user, I want to quickly get back to my personalized browser profile.

As a signed-in user, I want to see my list of email addresses (and not a sign-in screen) when I click "sign in" at a Persona-supporting site.

3. Dependencies

`

4. Requirements

• Ability for user to sign in via UI option somewhere (e.g., menu)
• Ability to sign out (stopping any feature that requires sign-in)
• Ability for the user to recognize the currently signed-in account at a glance (or at least with very minimal effort)
• Ability for other Firefox features to trigger sign-in flow
• Email-based authentication using browserid.org accounts
• Should match BrowserID flow except where absolutely necessary (e.g., ask for email first, decide what to do based on the email)
• Ability to create browserid.org accounts
  • Ask for password up-front, but allow deferred verification (see: BrowserID "unverified" flow/feature)
• UI should be unambiguous that the user is interacting with the *browser* (not content)

Non-goals

• master password integration / modal sign-in screen on browser startup

5. Functional specification

Types of users:

• New user come from Mobile first run
• New user come from desktop
• Existing user who use Sync (1 or more device; our server vs. own server)
• Existing Persona ID user

6. User experience design

• New user on desktop: http://people.mozilla.com/~zfang/SignIn/Home.html
• New user on Mobile first run: http://people.mozilla.com/~zfang/SignInMobile/Mobile.html
• Existing sync user: http://people.mozilla.com/~zfang/SignIn_SyncUser/Upgrade.html
• Australis Indicator Mock-up:

7. Implementation plan

`

8. Reviews

Security review

`

Privacy review

`

Localization review

`

Accessibility

`

Quality Assurance review

`

Operations review

`

9. Implementation

`

10. Landing criteria

` {{#set:Feature open issues and risks=Requires coordination with services infrastructure to support BrowserID-based authentication, as well as a key-wrapping feature in BrowserID. |Feature overview=Being able to sign into the browser is a key feature in our identity roadmap. It serves two main purposes:

1. To connect the user to services in the cloud. By signing in to the browser, the user connects to a Persona account, which provides a discovery points for cloud-based services.
2. To enable at least basic support for user (profile) switching in multi-user/shared-device situations.

|Feature users and use cases=As a user, I want to know at a glance whether I am signed into the browser, or if someone else is.

As a user, I want to be able to easily find the sign in button/link/option.

As a new user, I want to be able to create an account by providing my email address and choosing a new password.

As a new user, I want to be able to verify my email asynchronously, so that I can use the browser immediately.

As an existing user on a new device, I want to be able to sign into my account using my email address and password.

As an existing user returning to a device, I need to use my password (but not my email) to sign back in.

As an existing user, I want to be able to reset my password if I forget it.

As a new signed-in user, I want to know about the services and features now available to be by having signed in.

As a returning signed-in user, I want to quickly get back to my personalized browser profile.

As a signed-in user, I want to see my list of email addresses (and not a sign-in screen) when I click "sign in" at a Persona-supporting site. |Feature dependencies=` |Feature requirements=* Ability for user to sign in via UI option somewhere (e.g., menu)

• Ability to sign out (stopping any feature that requires sign-in)
• Ability for the user to recognize the currently signed-in account at a glance (or at least with very minimal effort)
• Ability for other Firefox features to trigger sign-in flow
• Email-based authentication using browserid.org accounts
• Should match BrowserID flow except where absolutely necessary (e.g., ask for email first, decide what to do based on the email)
• Ability to create browserid.org accounts
  • Ask for password up-front, but allow deferred verification (see: BrowserID "unverified" flow/feature)
• UI should be unambiguous that the user is interacting with the *browser* (not content)

|Feature non-goals=* master password integration / modal sign-in screen on browser startup |Feature functional spec=Types of users:

• New user come from Mobile first run
• New user come from desktop
• Existing user who use Sync (1 or more device; our server vs. own server)
• Existing Persona ID user

|Feature ux design=* New user on desktop: http://people.mozilla.com/~zfang/SignIn/Home.html

• New user on Mobile first run: http://people.mozilla.com/~zfang/SignInMobile/Mobile.html
• Existing sync user: http://people.mozilla.com/~zfang/SignIn_SyncUser/Upgrade.html
• Australis Indicator Mock-up:

|Feature implementation plan=` |Feature security review=` |Feature privacy review=` |Feature localization review=` |Feature accessibility review=` |Feature qa review=` |Feature operations review=` |Feature implementation notes=` |Feature landing criteria=` }}

{{#set:Feature priority=P2

|Feature rank=999 |Feature theme=BrowserID |Feature roadmap=Mozilla Identity |Feature secondary roadmap=Security |Feature list=Other |Feature project=` |Feature engineering team=` }}

{{#set:Feature products status=`

|Feature products notes=` |Feature engineering status=` |Feature engineering notes=` |Feature security status=sec-review-needed |Feature security health=Blocked |Feature security notes=bug 744948 |Feature privacy status=` |Feature privacy notes=` |Feature localization status=` |Feature localization notes=` |Feature accessibility status=` |Feature accessibility notes=` |Feature qa status=` |Feature qa notes=` |Feature ux status=` |Feature ux notes=` |Feature product marketing status=` |Feature product marketing notes=` |Feature operations status=` |Feature operations notes=` }}