Status: New idea

So the main problem with security is the human: Bob sees an email urging him to click on the link and log in, he does, and his account gets stolen. Because of Bob we made password managers; the problem is Bob doesn't know how to use one. So we made OAuth, which Bob likes and uses, but most websites Bob goes to don't use OAuth. Now what?

This is the motivation for an account manager. What is an account manager, you may ask? Well:

  • It would keep a list of accounts the user has.
  • Get credentials required for login from, say, FXA.
  • Provide an API that handles login and basic settings like changing password or privacy settings.
  • Make one settings page (as in the One Ring) to edit all accounts, set rules for auto password changing and set security levels for accounts.
  • And lastly, it would put a "Login with Firefox" button on all pages, which would take you to an FXA login page if you have an account and, if not, give a message that warns about phishing.

Notes: since Relay is in your grasp, you could add an auto-filler for the OTP from the email that gets sent, and an auto-create-account button which generates all the info needed to sign up, like email and password, and saves it.

