https://sn.1w6.org/file/question-20160610T015415-5hkuhbp.html
I'm NOT certain whether I can give an accurate reply or not. Yes Mr. Spock? (btw: it's been ca. 2 years and 260 long days since Mozilla was notified about a vulnerability within the Persona service - which allowed an attacker to authenticate to a Persona enabled website using the identity of an existing gmail or yahoo account https://blog.mozilla.org/security/2013/10/02/bug-bounty-program-finds-and-helps-resolve-security-vulnerability-in-persona/ )