I tried to use my gmail address and it gave me this: http://dl.dropbox.com/u/13941904/persona.png
Am I just making up a password for a Persona account and it's using my email address as the user id? I can see how some people would type in their gmail password in by mistake.
I found this bit confusing too, but in a different way.
The first time around, I knew I was making up a new password, just not where it would be stored.
Then much later I used a different computer (but firefox sync'ed) and tried logging in to Persona, got asked for a password, and thought "oh, so now I make up a new one because it's a new browser and this is BrowserID? Where is this password stored anyway?"
I'm guessing that password is stored on persona.org, not in my sync profile, but even after reading http://lloyd.io/how-browserid-works I still find this one point confusing.
EDIT: I now see that the creation bit has a "verify" field whereas the sign-in bit has only one field, I guess that should have been my hint to use the same password as before. I'm still wondering though how it works when you have several email accounts on one browser, do they all share the same password? Does persona.org know that I have all those email addresses?
> I can see how some people would type in their gmail password in by mistake.
I can see how this could be a big problem once one ID provider decides he'd be interested in grabbing and abusing such credentials. The natural password related to the e-mail address for most people is that of the e-mail provieder.
I tried to use my gmail address and it gave me this: http://dl.dropbox.com/u/13941904/persona.png Am I just making up a password for a Persona account and it's using my email address as the user id? I can see how some people would type in their gmail password in by mistake.