Labs/Weave/Identity/Account Manager: Difference between revisions

← Older edit

Labs/Weave/Identity/Account Manager (view source)

Revision as of 10:34, 4 May 2010

1,096 bytes added , 4 May 2010

m

→‎Account Manager: linkfix

Wenzel

Confirmed users

1,209

edits

@@ Line 1: / Line 1: @@
 = Account Manager =
-Help users manage their accounts.
+The Account Manager project aims to produce:
-The account manager is an evolution of the Firefox password manager and the Weave identity components (OpenID + auto-login).  It will help users manage logins and profile information for each site, and it will automate currently manual tasks such as signing up for sites, generating passwords, etc.  The focus is on "traditional" login methods (e.g., form + cookie), but it will also have some support for OpenID/federated logins.
+* A protocol definition that sites can use to define their account-and-session management features in a format a web browser can understand.  (The latest draft of [[Labs/Weave/Identity/Account_Manager/Spec/Latest|the specification is here]]).
+* An implementation of this protocol as a Firefox addon.
+The goal is to help users manage the process of "connecting" to a site, in a way that allows us to use secure browser chrome, and supports multiple authentication mechanisms.
+The account manager is an evolution of the Firefox password manager and the Weave identity components (OpenID + auto-login).  It will help users manage logins and profile information for each site, and it will automate currently manual tasks such as signing up for sites, generating passwords, etc.  The first prototype will have support for "traditional" login methods (e.g., form + cookie), but it will also have some support for OpenID/federated logins.
 Creating a new identity framework is a non-goal of this project, although some new file formats and protocols are in scope (see below for details).
-= Release Roadmap =
+There is additional information in the [https://mozillalabs.com/blog/2010/03/account-manager/ announcement blog post], as well as the add-on's [http://mozillalabs.com/conceptseries/identity/account-manager/ first-run page].
+= Drivers =
+* Mike Hanson
+* Dan Mills
+* Aza Raskin (UX/Labs)
+* Alex Faaborg (UX/Firefox)
+= Releases / Roadmap =
+'''Specification'''
+Our proposal, "HTTP Extensions for Account and Session Management", is under development.  You can read our [https://wiki.mozilla.org/Labs/Weave/Identity/Account_Manager/Spec/Latest draft here].
+'''Addon'''
 [https://people.mozilla.com/~dmills/account-manager/latest.xpi Latest release]
@@ Line 13: / Line 34: @@
 * [https://people.mozilla.com/~dmills/account-manager/dist/account-manager-0.0.1-dev.xpi 0.0.1] (2009.11.11) - Initial release that spins off the Weave identity features and creates a basic account manager.
 * [https://people.mozilla.com/~dmills/account-manager/dist/account-manager-0.0.2-dev.xpi 0.0.2] (2009.11.<strike>18</strike>29) - Bugfix for Weave identity features (autologin).  Sign in/sign out functionality (spec proposal) still in the works.
-* 0.0.3 (2009.12.02) - Alpha release: account registration (spec proposal)
+* ...
+* [https://people.mozilla.com/~dmills/account-manager/account-manager-0.0.10-dev.xpi 0.0.10] (2010.03.05) - Alpha pre-release of "true" account management support (no heuristic autologin, uses the spec above).
 = Use Cases =
+'''Simple Connect'''
+Alan routinely visits sites that use username-password logins, HTTP basic auth, and OpenID.  He is tired of remembering which credential style to use at each site, and frustrated that he needs to repeat this process after unlocking his Firefox with a master password.
+Account Manager provides a single click to log in to each of these sites, and, when Alan selects "always keep me connected", he never needs to deal with a login screen again.
+'''Two Users, One Firefox'''
+Madison and Connor use the same family computer in the den, and can't be bothered to use OS-level multi-user functions, and don't understand Firefox Profiles.
+With Account Manager, they can tell at a glance that a given browser instance of Facebook, Twitter, or Yahoo Mail is logged in as their sibling, and by selecting from a dropdown menu, easily switch to their account.
 '''Automatic site registration, automatic password change'''
-Diego is looking to improve his guitar skills, and wants to share some
+Diego visits guitar.com to improve his musical skills.  The site promises exciting personalized features if he connects, so he clicks the "Connect" button.  Firefox immediately presents a summary of the personal information that it will send to the site, which Diego confirms, and an account (with a random password) is created.
-experiences with fellow guitar students.  His friend recommends the
-site guitar.com, which he is a user of.  Diego has never been there
+At a later date, Firefox asks Diego if he would like to automatically change the password, and to automatically change it for him in the future.  Since Diego uses cloud-based password sync, all of his other devices are able to log in using the new password after a sync.
-before, and clicks the "Sign Up" link to create an account.  Firefox
-immediately negotiates with the site which information is required for
-a signup, and presents Diego with a summary.  After Diego confirms the
-account creation, Firefox sends the information to guitar.com and
-creates a new account for him, with a random password (which Diego
-doesn't need to know).  Next month, when Diego visits the site again,
-Firefox asks Diego if he would like to change his password to a new
-one (for higher security).  Diego has the option of changing it,
-leaving it as-is, as well as letting Firefox change it silently for
-him in the future.  Since Diego uses password sync, all of his other
-devices are able to log in using the new password after a sync.
 ''If Diego has never seen his password, then it doesn't make sense if he'd like to change it. As far as he is concerned, Firefox holds the keys and it doesn't matter if Firefox gets them retooled as long as his experience remains the same.''
-'''<del>One</del>Two Click shopping for the whole web'''
-Ben decides to buy some flowers for his fiancee. He goes to his
-favorite neighborhood flower store's website and picks out just the
-bouquet he wants. When it comes time to check out and pay, he really
-wishes he didn't have to enter in all of his billing data. Since he
-has stored his identity and credit card information on the Weave
-server, the web site is able to automatically pull in this information
-from the server. The browser prompts Ben to grant access to the server
-for just this transaction, he says yes and his purchase is complete.
 '''Mass Password Reset'''
@@ Line 53: / Line 66: @@
 = Requirements =
-Priorities are for the alpha release, we'll reshuffle based on what we learn from that.
+The following are the main features we are focusing on for the alpha.
+* Auto login for form/cookie based authentication
+* Formal protocol definition
+* Heuristic Engine (if needed)
+* Supports Sync if installed
+The following are the main features we are focusing on for the beta.
+* Global Profile
+* Auto registration using global profile
+* Detailed account viewer (integration with Site Preferences?)
+* Add auto login support for HTTP Basic and other
+The priorities below are more tailored towards the 1.0 release.
 == UX ==
@@ Line 149: / Line 180: @@
 <br clear="all"/>
-= Current Status =
-{| width="100%" cellpadding="3"
-|-
-| style="background-color: #efefef;" colspan="5" | '''Core Features'''
-|-
-| style="background-color: #efefef; width: 20px"| '''Priority'''
-| style="background-color: #efefef; width: 20px"| '''Target'''
-| style="background-color: #efefef;"| '''Item'''
-| style="background-color: #efefef;"| '''Bug'''
-| style="background-color: #efefef;"| '''Status'''
-|-
-| P1 || 0.1 || Feature name ||  || not started
-|}