
This makes it easier for people to use one login for all the websites they use. That also makes them inherently less secure.

Multiple accounts is a good idea because it creates separate security domains which cannot be broken. You crack my Facebook password, there's no way you can get into my completely separate Citibank account. The one-login-for-all model is less secure because it centralizes your accounts into one general security domain: the ID provider.

If you hadn't made it a requirement that you can use the computer at your friend's house, this would be more secure, because you could keep your private keys just on your trusted devices. But now you're on a foreign device and you didn't bring your keys - so you have to either get them from your ID provider, or generate new ones.

Now an attacker can either A. break into the ID provider and steal the keys for all the sites you use, or B. intercept the username/password login to your ID provider.

The risk of A. is of course possible, plausible, and given the track record of companies with the highest security reputations in the land being pwnd by lame phishing expeditions, likely to actually work (eventually).

If you were using your home computer with the keys already stored in the browser, B. would be impossible, but you're at a friend's house with no keys. And my guess is there will be malware developed just to disable browser keys, force a u/p login, collect the creds, and try all online banks using this system to find your account and siphon funds. (This is exactly what malware does today, only they usually use direct injection of your normal banking browser sessions or steal saved logins.)

Of course you can use separate accounts with Persona. They advertise you using a work e-mail and personal e-mail to make separate accounts. But let's be realistic: who the hell wants to complicate their logins further? People will probably use one e-mail for all their accounts - because it's easy.

I have a solution for these security concerns. It's to stop trying to make security easy. If you forced people instead to jump through hoops for the one or two accounts which really need to be extra secure, they'll deal with it (once) and get on with their lives.

Banking is one example. You can step a user through generating and storing a client certificate, and then they never have to do it again until they use a new computer. If they need access from outside their home (WHICH IS A BAD IDEA, BUT ANYWAY,) they can use a temporary e-mailed login token which is only good for one session and requires things like login rate limits, additional identity verification, etc. We can do this today without any new technology.

Facebook, Twitter, etc. aren't sensitive accounts and thus don't need ridiculous security - Persona would be fine for these. Crack my social media accounts, fine, but don't allow things like banks and e-mail accounts to be linked as well. It's like clipping blank checks to your house or office keys.


