Mycroft Single Sign-On: Balancing Convenience and Privacy

Originally published at: http://mycroft.ai/blog/mycroft-single-sign-on/

Two Anniversaries

My wife and I celebrate our 20th wedding anniversary this week. With the date falling in the middle of the week, we decided to take the day off from work. We’ll spend it together, celebrating a major milestone in our marital longevity.

A major web browser recently marked its tenth anniversary with a software update. Like my wedding anniversary, this should have been a celebrated milestone. Unfortunately, this celebration was hampered by an unpleasant surprise for the browser’s more privacy-focused users. These users would sign in to an account to check their email or calendar, but purposely avoid signing into the browser to protect their privacy. The software update circumvented this user decision by automatically signing them into the browser when they signed into their account. To make matters worse, this change was unannounced! #anniversaryfail

Mycroft Single Sign-On balances usability and privacy for our Community

User privacy is always a primary concern of Mycroft’s software engineering efforts. This includes the implementation of our user sign-in process. We wanted to share some upcoming enhancements to this process that will improve upon our privacy-focused approach to your personal data.

What's New

The first enhancement will be visible to users who sign in to Mycroft websites. Our web footprint has increased with the introduction of the Mycroft Marketplace and Mycroft Languages sites. With the addition of these sites, we thought it important to provide users with a seamless login experience. To this end, we will be implementing single sign-on (SSO). When implementation is complete, a login to any Mycroft site will be recognized by other Mycroft sites so that you will not need to re-authenticate.

The second enhancement will not be visible to Mycroft users but is just as important. We will be doing an audit of the user data stored on our databases to ensure that any user-identifiable personal data (email address, name, etc.) is encrypted at rest. This will ensure that your personal data will not be compromised, should any unauthorized access to Mycroft’s servers occur.

As a Software Architect at Mycroft, part of my responsibility is ensuring the security of our users’ data. This is a responsibility I take very seriously. One of the reasons I enjoy working at Mycroft AI is our dedication to providing the privacy that our competitors lack. If you want to read a bit more about how we’re doing this, read on.

The How

For those of you interested in the technical details of our SSO implementation, we will be using JSON Web Tokens (JWT) rather than the OAuth functionality used today. One of the main benefits of these tokens is that they do not need to be stored on our databases. JWTs contain the same useful information (user ID, token expiration, etc.) and can be easily encoded and decoded on the fly. Even if someone were to intercept one of these tokens, the data encrypted within them cannot be extracted without knowing the value of the secret key used at encryption time.

To prevent hackers from finding the key, we wrote it on a tiny piece of paper, cut the paper in two and hid the pieces in separate corners of our single room office. Take that, hackers!

I’m kidding, of course. We’ve adequately encrypted the key and stored it separately from the source code.

The JWTs are generated, encoded and decoded in the API layer. The API will pass the JWTs to the browser where they will be cached in a way that allows any of our mycroft.ai sites to access them.

Just as important as a secure login is a secure logout. The logout process must be implemented in a manner that doesn’t leave any authentication breadcrumbs lying around. Once a user logs out of Mycroft’s SSO, the tokens are deleted from the cache, never to be seen again. When the user logs in again, reauthentication will result in a new token. Users do need to log out to delete the token. Otherwise, their token will remain in cache until its predetermined expiration time.
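The token lifecycle described in the two paragraphs above, as an added example that is not Mycroft's own code: a minimal HS256 JWT encoder and verifier using only the Python standard library, with the expiry check that decides the fate of a cached token whose owner never logged out. One caveat the example makes visible: a standard signed JWT (JWS) is tamper-evident rather than confidential, so anyone holding the token can read its claims without the key; what the secret prevents is forging or altering a token. The secret, claims and timestamps below are constructed values.

```python
import base64
import hashlib
import hmac
import json
import time

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def encode_jwt(claims: dict, secret: bytes) -> str:
    """Build an HS256 JWS: base64url(header).base64url(claims).base64url(HMAC)."""
    header = {"alg": "HS256", "typ": "JWT"}
    parts = [_b64url(json.dumps(obj, separators=(",", ":")).encode()) for obj in (header, claims)]
    signing_input = ".".join(parts)
    sig = hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + _b64url(sig)

def decode_jwt(token: str, secret: bytes, now: float = None) -> dict:
    """Return the claims only if the signature verifies and 'exp' has not passed."""
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
    except ValueError:
        raise ValueError("malformed token")
    header = json.loads(_b64url_decode(header_b64))
    # Pin the algorithm: the verifier decides which alg is acceptable, never the token.
    if header.get("alg") != "HS256":
        raise ValueError("unexpected alg")
    expected = hmac.new(secret, f"{header_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(sig_b64)):
        raise ValueError("bad signature")
    claims = json.loads(_b64url_decode(payload_b64))
    current = time.time() if now is None else now
    if "exp" in claims and current >= claims["exp"]:
        raise ValueError("expired")
    return claims

def peek_claims(token: str) -> dict:
    """Read the payload without any key: a signed JWT is tamper-evident, not secret."""
    return json.loads(_b64url_decode(token.split(".")[1]))

def token_status(token: str, secret: bytes, now: float) -> str:
    """Summarise the verification outcome as a string, e.g. for an audit log."""
    try:
        decode_jwt(token, secret, now)
        return "valid"
    except ValueError as err:
        return str(err)
```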

The code to support SSO is being introduced with the Marketplace. In the coming months, we will extend this functionality to other Mycroft sites. This includes, but is not limited to, https://home.mycroft.ai and https://mycroft.ai.
