Trending Articles

Tech

Is it Recommended to Use Google to Log in to Other Sites?

Introduction

Most of us have probably encountered such situations when we sign up for a new site, and the question arises, is it safe to log in with our Google, Facebook or other accounts?

When you’re considering creating a new account for a website. It will likely give you an option to use your existing Facebook, Google, or another account to log in.

Generally, this method is known as “single sign-on” (SSO), and using a Facebook or Google account is the most common offer. But some sites allow you to access using Apple, Twitter, or LinkedIn accounts
Returning to our essential question, is it advisable to use one of your existing accounts to log in to this new site? Or should you traditionally create a new account using your email address?

While the single sign-in method makes it easier to sign up for your desired new service very quickly. It limits your ability to control the type of information you share when you activate your account.

Your social media credentials may share information such as your name, email address, and profile picture on the app. And you may be able to access more details, such as your date of birth and phone number.
Generally, what you share of your personal information ultimately comes down to the policies of both the pre-existing account and the account you intend to activate. Accordingly, the app provides a text explaining what you will share in the new account registration process.

To reveal all the details, we enlisted the help of cybersecurity experts Paul Peskov and Dan Fricher to give us a deeper look at how single sign-on (SSO) technology works.

Facebook’s Data Sharing Policy

Like other services, Facebook will provide your name, email address, and profile picture when you start single sign-on. In addition, however, it may also grant the third party access to information that Facebook classifies as a “public profile,” including anything on your profile page, including your details related to age, gender, date of birth, marital status, family details, hobbies, and devices used. The list may include your hometown, work history, education, religion, and political orientation.

As we have noted, Facebook’s data collection is quite huge, and it is suspicious that it is very willing to share this data with third parties. And this is what scandals and lawsuits have shown recently. However, some of this information can be marked as “not publicly available” from Facebook’s privacy options.

Google Policy

At a minimum, Google will share your name, email address, and profile picture with the third party when you sign in Single Sign-On. And some apps may try to retrieve files, photos, messages, or calendar events stored on Google Drive. Still, it will have to request these permissions separately to gain access.

Twitter Policy

Apps registered via Twitter give read access, which includes your screen name, profile picture, CV, overall location, preferred language and region.

The app also has access to analytics for your Tweets, follower lists, and lists of those whose accounts have been blocked or muted. But Twitter, on the other hand, doesn’t share your email address with the third party when you log in unless specifically requested.

Apple Policy

Apple’s single sign-on process is unique compared to other sites, so when you start recording, you share your name and email with the third party. However, users can edit their names and hide their email addresses before sending them.

At this point, Apple creates a fake address that automatically forwards to your primary account. And the user can stop forwarding to avoid spam if necessary.

Two-factor authentication is a requirement to log in with Apple. But, the company alleges that it does not collect any data about your interaction and activity with the application.

So, After What We’ve Reviewed Earlier, What Should You Do About Single Sign-On?

If you plan to use this method, you should be aware of the information you share. And if you get the possibility to choose the services yourself. Then you should use the service that will share the least amount of your data.

Based on the information being shared. As well as the ability of users to control what they want to share, Apple seems to be one of the best services to use when it comes to single sign-on. Note that you can create an Apple account even if you don’t have any Apple devices.

Or you can turn to Twitter, which Peskov prefers: “Compared to other networks where I store a lot of private information and data. Almost everything related to my Twitter account is general information about me. As there is not a lot of data that the new application may be able to get when you log in to it using Twitter.”

However, Not All Apps Offer Twitter An Option to Log Into

It would help if you also enhanced the security of social media apps through two-factor authentication, which generates a temporary passcode that you send to your email or phone number.

It is one of the fastest and most effective ways to prevent unwanted access to the Internet. But, of course, its outstanding benefit is protecting single sign-on accounts.

However, the most secure option is to create different passwords for each service you use. Then the Encrypted Password Manager will be instrumental in this context. As it can track all the passwords without much effort.

Finally, with access to the butter of the talk, one of the secure alternatives to single sign-on is a dedicated password manager such as «1 Password». A program that stores all the login data in an encrypted folder can only be accessed using a master password specified by the user.

And stores this master password on your device only without an Internet connection. Making it practically impossible for hackers to obtain your data except by physically accessing your computer. Many web browsers also offer built-in password managers. Using different encryption methods.

Related posts