Is it a good idea sign in to other websites with your Facebook or Google accounts? Some say it’s safe, some say it’s not. It’s certainly convenient. Still, is it a good idea? We say a better idea is to bolster your passwords or use a password manager.
The Good
The Sign In With Facebook/Google system saves you time and spares you the chore of creating a new account for every website whose services or products interest you. And from a security perspective, Facebook and Google use a technology standard called OAuth, which is generally considered strong and reliably safe. That’s the good side.
The Bad
The bad? Well, using your Facebook information to sign into every site that asks for it means a whole lot is riding on the strength of that one password. Also, signing in with Facebook typically gives those sites access to your public profile. Signing in with Google gives them your email address. The more widely you spread that information, the less control you have over who uses it and how. The companies running the sites you visit may sell the information they’ve gleaned from your profile—are you all right with that? It may affect what ads you see and what marketing firms know about your browsing habits.
The Better
Yes, it’s simple to sign in with Facebook or Google. It’s also unnecessarily risky. A password manager, which generates a strong password for each site and protects them in a virtual vault is better. Managers are simple to use, and doing so won’t further spread your personal data.
If a password manager isn’t for you, then start improving your passwords. Change them frequently. Don’t use the same password for multiple accounts. Make sure each one is strong: not a simple word that can be found in a dictionary and easily guessed, but one includes letters and numbers and uses a mixture of upper case and lower case.
You don’t need Facebook or Google to be smart and safer.
