If you follow the news, you’ve hopefully heard of Mozilla Persona, the wonderful new way of centralizing logins on the web. In a nutshell, Mozilla Persona works the same way as the “log in with Facebook” you see on many sites, except that, instead of Facebook, you use your email account to log in. The great thing is that sites never have your password, and you only need to have one password for every site on the web (Persona uses your email address as your username).
One downside of the default implementation is that you have one account per email on the default bridge (this isn’t strictly true, but adding more accounts is cumbersome and not meant to be done for every site). This is a problem for me, as I use the excellent 33mail service to create disposable email addresses for every site I visit.
Fortunately, there is a way to use disposable email addresses as usernames on Persona. Here’s how:
Setting up your domain
Fortunately, 33mail allows you to use your own domain to receive mail to. For
example, let’s say that your domain is
awesome.com, and you want to use
spam.awesome.com for your disposable email domain. Set the MX record for this
domain and set it up on the 33mail.com interface until receiving emails to that
domain works. You don’t really have to use 33mail for this, you can use your own
email provider or server, so, as long as you can receive email on that domain,
you’re set. This is step one.
Step two is to serve files from this domain. Find a web host (this is left as
an exercise for the reader), and set it up so that visiting
https://spam.awesome.com shows you the webpage of your choice. Notice that
this needs to be HTTPS, with a valid (not self-signed) SSL certificate, as
Persona uses SSL to verify your identity.
Setting up your IdP
Now that you have your email and web servers set up, we are ready to proceed to the final step. You need to install a Persona Identity Provider on your web server. This is the bit that will actually authenticate you to sites.
There are many open-source identity providers out there, but I have created
Persowna, a hosted identity provider,, which means
there’s nothing to set up. Get an account on it, and follow the instructions to
browserid file on your web server. Afterwards, add an alias for your
spam.awesome.com in the Persowna interface, and that’s it!
If you’d rather use your own identity provider, you can set one up on your web server. How authentication will work and whether you can use any email address to log in will depend on the provider you choose, so read its documentation to find out.
Trying it out
Now that our setup is complete, we should test it. Go to YourPane (a sharing site I have also created) and click
“Persona”. The Persona window will pop up and ask you for your email address,
firstname.lastname@example.org and wait. A second or so later, you will
see the Persowna login window open up, or, if you were already logged in to
Persowna, you will be logged in to YourPane right away, using the disposable
email address you just entered.
As you can see, using disposable email addresses with Mozilla Persona is a very easy, three-step process. Using this technique, you will both own your accounts and authentication (since they depend on your domain), and you will be able to log in to all sites using different email addresses but a single Persona account and password.
As always, if you have suggestions or questions, either leave a comment below or get me on Twitter, I always enjoy hearing from you!