Should You Use Facebook or Google to Log In to Other Sites?

You may have the option to sign in using your current Facebook, Google, or another account when considering opening a new account on a website. This approach is frequently referr to as single sign-on (SSO). The most popular offers are Facebook and Google connectivity, although some providers also include Apple, Twitter, and LinkedIn accounts.

The decision is whether to create a new account with your email address or use one of those already-existing accounts to log in to this new website.

You may sign up for a new service very quickly using the single sign-on method. When the account is activated, you do have less control over the information that is shared, though. Your social media login information may provide the app access to more private information like your birthdate and phone number in addition to sharing things like your email address, name, and profile photo. The policies of the newly created account and the account that was previously associated ultimately determine what gets shared and what doesn’t. The app should also have wording explaining what information is disclosed during the registration process.

We’ve enlisted the aid of cybersecurity specialists Paul Bischoff and Dan Fritcher to smooth out all the kinks and provide insight into how this SSO technology functions. We’ll also go through how Google, Facebook, Apple, and Twitter handle data access by outside parties via their platforms.

 The Pros of Single Sign-On

Simply said, the ease and time savings of SSO are its key selling points. Since your social network account is probably able to pull that information, it omits the time-consuming registration process of filling out forms and fields. Additionally, it lessens the trouble of having to remember which usernames and passwords go with which. That may appear to be an almost insurmountable chore after the umpteenth account signup. A key that can be used to access a wide range of services is your existent account. Your social media password will remain private despite the fact that the third party can gather data from this transaction.

Paul Bischoff, the privacy specialist for Comparitech, responds via email: “In general, using a social login isn’t necessarily more or less secure than simply entering your email address and password. Smaller apps and websites probably have less security than major social networks, so opting for a social login could be a safer choice. However, developers have also been known to misuse user login information from social media (see: Cambridge Analytica).”

A connected account can be used by some apps to importing helpful files. For instance, Dropbox enables the direct import of images into cloud storage from Facebook. Google calendar sync is also possible with productivity software like Zoom and Slack. However, using single sign-on is not required in order to utilize these features.

 The Cons of Single Sign-On

Personal preferences and security are the only drawbacks of SSO. This approach restricts what can be share with other users when registering. Although you may have already given many of these details during signup, regardless of the method you use, the app may be permitte to scrape names, photographs, and contact information. In some situations, the new app is able to access additional private information. Such as your age, location, or interests. These specifics may subsequently be sold to data collection firms or used to deliver targeted advertisements.

Using a social login “creates a network of sites that keep a common identifier on you, and that identity can be used to create a shared advertising profile based on your activity on each of the sites,” writes Dan Fritcher, chief technology officer of Sysfi cloud services. For the majority of individuals, it won’t be a big deal, but there’s a risk because we don’t know what the profile will be use for in the future.

In the end, you should understand what information each account will disclose and determine whether or not you feel comfortable allowing access. For instance, a website that hasn’t established a solid reputation may be more prone to collecting your contact information and selling it to con artists for a profit. Frequently referred to as a privacy policy. Trustworthy websites will have easily available paperwork outlining the data they gather and how it will be use.

Compared to standard registration, SSO might pose additional cybersecurity threats. If a hacker is successful in obtaining your social media login information through phishing or a password leak, they may also have full control over any accounts you have created using that information. Another option is to lock the account, preventing access to single sign-on websites. Additionally, if Facebook or Google experience a service outage, it could momentarily shut down all of their SSO functionality.

 

facebook 1 1

Following that, let’s take a look at the data-sharing practices of the businesses most likely to provide SSO.

Facebook’s Data Sharing Policy

When a single sign-on is start. Facebook will request your name, email address, and profile picture much like other services. However, Facebook has the option to grant the third party access to the data it classifies as “public profile”-relate. This entails pretty much everything that is made visible on your profile page. Including more private information like your age, gender, birth date, relationship status, family information, hobbies, and devices utilized. It might even provide information on your hometown, past employment and schooling, racial and political affiliations, and more.

 As evidenced by previous controversies and legal actions, Facebook gathers. A lot of data and is more than happy to share it with outside parties. Nevertheless, some of this information can be mark as private using Facebook’s privacy settings.

 Google’s Policy

During single sign-on, Google will at a bare least divulge your name, email address, and profile picture to the third party. The retrieval of files, images, messages, or calendar events from your Google Drive may also be attempt by some apps. But in order to gain access, they must expressly ask for such permissions.

Twitter’s Policy

The screen name, profile photo, bio, general location, chosen language, and time zone will all be viewable for apps register through Twitter. Along with your following, mute, and block lists, the app has access to all of your tweet analytics. Twitter, on the other hand, does not divulge your email address while you are log in unless you actively request it.

Apple’s Policy

When compared to other SSO systems, Apple’s is special. Name and email are give to the third-party app while registering for the registry. Before it is sent, individuals can. However, modify their names. They can also decide to conceal their email address. In which case Apple will create a fictitious address that automatically forwards back to your account. In the future, if necessary, forwarding can be disable to stop spam. Another need for Apple sign-in is two-factor authentication. According to the business, no information regarding your use of the software is collect.

 What to Do About SSO

Be careful of what information is pass over if you intend to use single sign-on. Choose the service that will reveal the least amount of information if you have a choice of providers. Apple seems to be one of the better SSO services to utilize in terms of what information is share and what users can regulate. Even if you don’t own any Apple products, you can register an account with Apple.

You may also use Twitter as Bischoff does. Since practically everything associated with his Twitter account is public, he claims that compared to other networks where he stores a lot of personal data, “there’s not much more data an app can extract from you logging in with Twitter.” However, not every app will support each sign-on method.

Enabling two-factor authentication, which creates a temporary passcode and sends it to your personal email or phone number, is another thing you should do to increase the security of your social media accounts. This is one of the easiest and most reliable ways to stop unauthorized online access, and it also has the added benefit of safeguarding your single sign-on accounts. The safest strategy is to use different passwords for each service you use, and an encrypted password manager can help you keep track of them all.

    Leave a Reply

    Your email address will not be published. Required fields are marked *

    This site uses Akismet to reduce spam. Learn how your comment data is processed.

    ManilaShaker is a tech media producing insightful and helpful content for our local and growing international audience. Our goal is to create a premier Philippine digital consumer electronics resource that provides the most objective reviews and comparisons globally.