[depoll]

OP here. Excited to start showing this stuff to the world. We think identity and login are really broken today, especially on devices that are becoming smarter (mobile, TV, etc.), and we are hoping to provide a solution that lets you take an identity with you wherever you want/need it.

Since we're not a social network, we can avoid a lot of the risk and confusion about how to use the product without accidentally sharing too much information, and really focus on building a first-class identity product.

We're happy to answer questions if you have them. There's more to come, soon!

[JoshTriplett]

So, the biggest draw of the social-network-based logins (as well as their biggest flaw) was that you probably already had an account. With Hoomi, what's the advantage of using your Hoomi account rather than just giving an email address?

Also, how does this compare (in both features and privacy) to Persona?

[depoll]

Hoomi sits somewhere between email/password login and social login. Users still get the benefit of Single Sign-on (that grows as more developers adopt), but don't have to have (or tie their account to) a social profile. You're also welcome to use your phone number to create a Hoomi account.

As far as Persona goes, one of the major differences is the primacy of mobile as a medium for login. And while Persona focuses on using email addresses as identifiers, we go one step further than that, isolating users/apps into their own ID spaces that aren't tied to any particular existing identifier. As a result, a user can change their email address with us without disrupting their service or updating their applications (https://developer.mozilla.org/en-US/Persona/The_implementor_...), and users don't have to divulge this information if it's not necessary, as with apps that just use login for personalization.

We're rapidly building and adding features to Hoomi, and you can expect to see the benefits to users and develoeprs grow as we flesh out users' ability to create profiles for themselves that they can give their apps access to.

[pwnna]

Unlike Persona, Hoomi will be able to know which application the user logs into, and for how long, correct? From what I've seen so far, it seems like the user and/or the application will have to make requests to Hoomi's servers.

Does this mean that Hoomi will become essentially a single point of failure: if Hoomi's servers get compromised, the malicious agent will be able to collect the user's identities and activities? Especially if a lot of apps implement Hoomi, then it may even be possible for the malicious agent to profile the user's entire digital life by tracking them everywhere.

This is what Persona aimed to prevent: it delegates the responsibility of identifying users to a third party and multiple such third parties can exists. Also, as far as I remember from when I used it, it also is designed to ensure that the authenticator have no knowledge of what the user is up to.

[h43k3r]

Thanks for this great product. Definitely going to try this out.

What are your plans to push this into market and How are you planning to attract both app devs and end users to use your product?

[depoll]

Thanks for the interest!

We're encouraging developers to use this alongside social login (or as a replacement for building their own email/password-based login). Developers can avoid having to build and design large amounts of UX around login, registration, email/phone verification, password resets, etc. by adopting Hoomi, while still giving their users an alternative to social login.

We plan to add a number of compelling features for both users and developers. These will increase the value of a Hoomi account as well as the benefit of adding Hoomi login to your applications.