4 Reasons You Should Not Sign Into Other Accounts With Your Facebook or Google ID
People are now up to an average of 100 passwords that they need to keep track of between work and personal accounts. This just increases the risk of people using one password for multiple accounts and/or using passwords that are weak and easy to hack.
Without a good password management system in place, like the use of a password manager, employees can put their personal and business accounts at risk due to bad password habits.
Password compromise has jumped to becoming the number one cause of data breaches, being responsible for 20% of them globally. The major reason for this increase is that companies now have most of their work processes in the cloud to facilitate a “work from anywhere” environment.
A practice that may not seem particularly dangerous is when users choose the “Login with Facebook (or Google)” option when creating a new account. This is a convenient way to instantly gain access to a new cloud app or web account without having to create yet another password.
But there are some significant risks involved if you sign in to another account with your login ID from Google, Facebook, Apple, or another major site.
Why You Need to Avoid “Login with…” Options When Creating a New Account
If Your Account is Breached, Multiple Accounts Are Compromised
One of the common “bad habits” of password security is to use one password for several different accounts. Users do this to reduce the number of different passwords that they need to remember.
However, this puts all the connected accounts at risk should just one of them become compromised. Passwords can become compromised for several reasons, including creating a weak password or if the cloud provider or website suffers a database breach.
Social media accounts are also commonly hacked. Most people have seen a post at some point by a Facebook connection explaining to ignore any strange posts by them due to a hacked account.
If your Facebook or Google account is breached, one of the first places most hackers will go is into your settings to look for connected apps. They know that they’ll now have access to those accounts as well.
An Outage Can Leave You Locked Out of Several Accounts
In early October, millions of Facebook users, as well as those on Instagram and WhatsApp, were shocked to find that those social media sites were not working.
Facebook had a major outage due to a network connectivity issue that lasted nearly 6 hours. This not only inconvenienced users that use the platform for personal use, customer service, or marketing, it also impacted those that used the “Login with Facebook” option.
Without the ability to authenticate the user login on Facebook, because of the outage, those sites were in essence down as well for users that didn’t create unique accounts.
Sensitive Data Can Be Accessed By the Other Apps
Here is an example of just a few of the things that can be shared between Facebook and Google and other 3rd party applications that you connect to them.
- Trip Advisor Looks at Friends Data: If you log into Trip Advisor with your Facebook ID, you could be sharing your friends list so it can show you reviews they’ve written on the site or where they’ve traveled.
- Uber Accesses Your Google Wallet: When creating an Uber account with your Google ID, you may be giving direct access to your Google Wallet to the service, which you may not mean to share.
This type of information sharing can also be risky for companies, if an employee is creating a new account with a Facebook, Google, or Apple account that they use for their business email address. Other things that can be shared across apps are calendars, task lists, and contacts.
The Site Could Lose Their Connection Privileges
If you’ve created an account on a 3rd party site with your FB or Google account, you could suddenly be prevented from logging in, should that account lose its app connection privileges.
If you have data in the application, you may not be able to retrieve it and have to create a new account from scratch to access the site.
Get Help Securing Your Company Logins & Passwords
Password security is only becoming more critical as a larger amount of data gets moved to the cloud. GKM2 can assist your Sydney area business with password security and access solutions.
Contact us today to learn more. Call +61 2 9161 7171 or reach out online.