You’re signing up for a new account with eBay, Zoom, or another site. You face the decision of creating yet another password and login you must remember… or you can just sign in with an account you already have.
Many people opt for signing up for a new account using their Google, Facebook, Apple, or similar site ID. It saves them time and keeps them from having to create another account login when there are so many to remember already.
The average person now has 100 passwords to juggle. Making one less can seem like a great efficiency choice. But there are some major drawbacks to connecting your Google or Facebook account to other sites, and your data security is just one of them.
Before we get into why you should stop using “Login with Facebook (Google, etc.),” let’s take a look at what this process actually is.
When you choose to use an existing account to create and log into an account with a 3rd party site, that site is connected directly to Facebook or Google to authenticate you as a user.
Anytime you visit that 3rd party site or cloud service, you’ll be served up the login page for Google, Facebook, or another site you used. Once that site authenticates you, you are redirected to the 3rd party site.
The third-party site uses your email address and username that is attached to your Facebook or Google account.
Why You Should Not Use Your Facebook/Google Account for a 3rd party site
You Could Be Sharing More Data Than You Realize
When you connect another site or service to your Google or Facebook account, you’re not just sharing your name and email address. Often, the site is gathering a lot more of your personal data.
There is generally a message about what’s being shared when you first connect the account, but many users don’t pay attention to this or aren’t sure exactly what it means to “share your friends list.”
According to CBS News, some of the sharing that happens includes:
- When signing up for an Uber account with your Google ID, your Google wallet payment details can be shared.
- When signing up for a Trip Advisor account with your Facebook ID, your friends list can be shared so the site can show you places your friends have reviewed or traveled to.
- Services like Doodle access your Google calendar.
Once you share data, it can’t be unshared. It’s already in the database of the 3rd party site, and some may not be as transparent about what they do with it as others.
One Outage Can Keep You Out of Multiple Sites
In early October, Facebook had a major outage that took the site down for nearly six hours. For those users that used their Facebook account to sign up for other services, the inconvenience was even worse.
Because Facebook was essentially cut off from the internet during the outage, it could not authenticate logins for all those 3rd party sites. So, users were not only unable to access Facebook during that time, but they also could not log into their accounts for any sites that used the Facebook login process.
You Break a Cardinal Rule of Password Security
One of the cardinal rules of good password security is to create a unique password for each account you have. When you log into other sites with your Facebook or Google ID, you’re breaking that rule by tying the access to multiple sites to a single password.
Should your Google or Facebook account be breached, that means a hacker could breach any connected accounts because they already have the login.
And finding the accounts that you’ve connected is simple. The hacker would only need to go into your settings and look for connected apps.
They will be presented with a list of accounts they can now easily log into using your Facebook or Google account.
The 3rd Party Site Might Lose Its Privileges
One more reason why it’s a bad idea to tie other sites to your Facebook or Google login is that they could someday lose that connection capability. For example, Facebook might change its requirements for 3rd party sites to connect and a site you’re using might no longer meet them.
You could end up locked out of your account without the ability to change how you logged in or retrieve your data. You may only be able to create a new account, but end up losing all the information you had in the app.
Looking for Good Password Security Solutions?
Don’t let a compromised password ruin your day! Carl’s Computer Care can help your Louisiana business with smart and effective password security solutions.
Contact us today to schedule a consultation! Call 225-315-3498 or reach us online.