What You Should Do If You Use Facebook or Google to Log into Other Websites

It is so convenient to just click log in with Facebook or log in with Google when we sign up for new services. If your account is linked to Facebook or Google, the next time you sign in, all you have to do is click the right button on the login page. As long as you are signed into Facebook or Google on the device, you can be signed into the connected account automatically. Well, here's a question for you: Should you sacrifice your virtual security for convenience? You must agree that that is not a good idea.

Of course, you could be one of those lucky users who never face a single problem, but do you really want to take your chances? Facebook, for example, keeps getting hit by major data breaches (e.g., the latest one that affected 50 million users). Unfortunately, if a user's account and password are breached, all other connected accounts might become vulnerable too. While it might seem convenient to log into, for example, Instagram using the same login password, you should think twice before you choose to continue with Facebook. If you do not fully understand what the big deal is, you should continue reading this post. If you come up with questions, or you want to continue the discussion further, the comments section is open below.

If it’s risky, why do third-party services use the feature?

The answer is very simple: It's all about convenience. Imagine you are a developer of a new amazing service that you cannot wait to take out into the daylight, but you have tons of problems that you need to solve before the planned release date. If you are on a time crunch, you might be taking more shortcuts than planned, and a simplified sign-up and login procedure can lift a huge burden off your shoulders. Taylor Hughes who co-founded Cluster discussed how his company chose to use Facebook instead of a more sophisticated login system because they didn't have time to handle passwords themselves at that time. While the company now offers to sign up using email, they still allow users to log in with Facebook or Google.

It's not all about developers. Users themselves prefer convenience over security. Now imagine you have heard of this new amazing service that you cannot wait to try out. You visit the website or download the app and learn that you need to sign up. If you choose to sign up using, for example, your email address, you might have to verify yourself first via email, and you also might have to enter tons of information to create a profile. On the other hand, if you click Log in with Google or Log in with Facebook button, the process can be shortened significantly, and you might start enjoying the service much faster. What if you chose to sign in using your Gmail password? Isn't that the same as logging in with Google? It is not, and it all comes down to data sharing.

If you connect accounts, you allow the companies to share and collect data

Whenever you choose to sign in with Facebook, Google, or another service, you are asked to provide certain permissions. Needless to say, some might try to obtain more than others. If you choose to log in with Google, for example, the service you are logging in with might ask to share information that is available on your Google Account. This could include your location, your interaction with ads, and even search history. When it comes to Facebook, the social networking platform might have a lot of personal information, including your friends list, your graduation date, tagged photos, etc. This is why you have to be extremely careful during the sign up to ensure that you do not permit unreliable services to collect highly sensitive information.

Once Facebook and Google are linked to third-party services, they can share unique data that is available on the unique accounts. Needless to say, the more accounts there are connected, the more data becomes available for sharing. This is a goldmine for advertisers and marketing companies who can use the abundance of data – including the content you "like" and share – to target you with personalized content. Of course, whether or not this data is shared with advertisers depends on the service provider. What about related services? Google uses one login password for most of its unique platforms (e.g., Gmail, YouTube, or Google+), and that is an entirely separate problem. Facebook, on the other hand, controls Instagram, and while you can log in using Facebook, you also can set up a unique login password. Of course, it is safer to connect services using the same login password if they belong to the same company, but security issues still exist.

What if your login password is hacked?

Yes, this happens. In fact, passwords get hacked all the time. Even if you do your part and create strong and unique passwords for every account that you own – which is crucial – you could still become a victim of a data breach. Let's create a scenario where Facebook is brutally hacked, and your ID and password are leaked. If that happens, cyber attackers could easily use special software and hardware to check thousands of platforms to hack into connected accounts. In a situation like this, those who have chosen to log in with Google or log in with Facebook could become extremely vulnerable. Of course, we do not need to wait for a massive data leak for something like this to happen. If your Facebook or Google login password is weak already, cyber attackers could guess or crack it. While it might be impossible to protect your accounts if the service provider is hacked, you can certainly minimize the impact of the attack if different login passwords are used for every account.

Do you have many accounts that you log in with Facebook, Google, or some other service provider? If you do, you might want to consider changing the login settings to make sure that every service, platform, and account you use has a unique login password protecting it. Are you intimidated by the task because you do not want to burden yourself with a ton of new passwords? This worry is completely valid. After all, every single login password you create must be long, strong, and impossible to guess. Unfortunately, these kinds of passwords are very easy to forget. The good news is that you do not need to remember any of them if you use a reliable password manager. This tool can safely store all your complicated passwords and then auto-fill them whenever you log in. Without a doubt, if you want to have your login passwords serving you in a beneficial manner, this is an incredibly useful tool you should look into further.

In conclusion, if you want your login passwords to protect your accounts, you should not recycle them, and you certainly should be cautious about connecting different accounts under one umbrella login password because if it gets hacked, all other accounts could crumble too.