"not having to implement my own password-management infrastructure, ..., as well as insulating me from the hard security problems that come along with such a beast."
But you do realize it does definitely create another, much more serious, security problems right? What happens when the single sign-on server gets compromised? What happens when tokens aren't as secure as they should (like the recent OAuth SNAFUs, with an 's')? What happens when you don't pay attention to all the fineprints in the Persona docs stating things like:
"Be careful if you don't do this it's going to be easy to forge"
and:
"Guidelines to use Persona securely"
?
So it can be used not securely? Like OAuth? Do you think I find it re-assuring that I have to take steps so that things are not easy to forge? What when the latest JavaScript / browser exploits manages to forge requests?
Don't get me wrong: this seems very convenient. But you're trading time for something here. It saves you time by now having to roll your own security correctly (a DB into which you put emails and bcrypt encrypted passwords) but it comes at a price.
The price is the added insecurity that single sign-on adds.
Authentication requires attention to security no matter how do it. There's no silver bullet.
As far as I can tell, using Persona requires less attention to security than doing it myself. I don't see how that translates to creating "much more serious" security problems.
Perhaps you are a security expert who can do a better job than a team of Mozilla developers who are dedicating themselves full-time to solving authentication problems. I'm not. I know enough to know that security is harder than it looks, and that even if I salt my fries and crypt my bees, I can still screw things up[1]. Better to outsource it... well, as much as I can, anyway.
But you do realize it does definitely create another, much more serious, security problems right? What happens when the single sign-on server gets compromised? What happens when tokens aren't as secure as they should (like the recent OAuth SNAFUs, with an 's')? What happens when you don't pay attention to all the fineprints in the Persona docs stating things like:
"Be careful if you don't do this it's going to be easy to forge"
and:
"Guidelines to use Persona securely"
?
So it can be used not securely? Like OAuth? Do you think I find it re-assuring that I have to take steps so that things are not easy to forge? What when the latest JavaScript / browser exploits manages to forge requests?
Don't get me wrong: this seems very convenient. But you're trading time for something here. It saves you time by now having to roll your own security correctly (a DB into which you put emails and bcrypt encrypted passwords) but it comes at a price.
The price is the added insecurity that single sign-on adds.