The number of passwords that people have to keep track of has grown to approximately 100. Trying to create unique and strong passwords for that many accounts and remember them all is just about impossible for most people. This leads people to reuse passwords across multiple accounts and use weak passwords that they can remember. These password bad habits cause security breaches for companies.
It’s estimated that 81% of data breaches are due to a lack of password security. There are things you can do to help reduce your risk, such as enacting multi-factor authentication with your accounts and using a password manager, so you don’t have to remember all those passwords, you only need to remember one.
Another thing people do to try to keep their passwords under control is to use their Facebook, Apple, or Google ID to log in. This service allows you to skip creating a new login for a site or service, and instead just use your existing authentication with one of those other sites. This may seem like a good idea and a way to reduce the number of passwords you need to manage, but there are several downsides to doing this instead of just creating a unique site account. Here are some of the reasons you shouldn’t use the “Login with Google (Facebook, etc.)” option.
You Are Sharing a Lot of Information With the Site
You don’t only share your name, email address, and profile photo from Google or Facebook with a 3rd party site, you may also be sharing a lot more of your personal information. For example, when signing up with Trip Advisor using your Facebook account, your friends’ list is shared with the site so it can display reviews and travel information associated with them. When using your Google account to log in with Uber, you are sharing your Google Wallet as well, and this is used to pay for ride services. Other apps can access things like your calendar or contacts, and once your data is shared, there is no way to get it back. You can disconnect from the app, but it already has your data.
You Create a Single Point of Failure for Downtime
The recent Facebook outage that lasted nearly 6 hours was a reminder that major cloud services can go down, and there is not much you can do about it except wait. For users that had connected their Facebook login to other websites and services, they weren’t only unable to access Facebook during the outage, they also could not access those other sites. With Facebook offline, it could not provide login authentication. So, by making other accounts dependent upon your Facebook or Google login, you put yourself in a situation where one outage can mean loss of access to several accounts.
You Risk Multiple Accounts Being Breached if Your FB or Google Account is Hacked
Facebook accounts get hacked all the time. It’s not unusual to see a friend connection post a message to ignore recent posts from them because their account was hijacked. If your Facebook or Google account is breached, then so is every other site that you’ve connected to that login. All a hacker needs to do is visit your account settings, and they can see a list of other accounts they now have access to. You may not immediately panic if an attacker hacked a Facebook account where you have no credit card details stored. But if you connected that FB account to other sites where you do have stored payment cards, you could easily have those details stolen and sold on the Dark Web.
You Could Eventually Lose Access to the Account
Should Facebook or Google change their policies for 3rd party site authentication, or should the site fail to continue meeting those standards, you could end up losing access to your account. If that 3rd party site can no longer use the “login with…” process, then you may be locked out of your account without any way to gain access to your data. The same might happen if you do what a lot of people are doing and leave social media altogether. If you close your Facebook account this could negatively impact all the connected accounts relying on that login authentication.
Summing It Up
For security reasons, data protection reasons, and reliable access, it’s best to create unique logins for every site and cloud service you use, rather than using a service like Google or Facebook to log in.
Need Help With Password Security Solutions?
Compromised passwords are the biggest cause of cloud data breaches. Get your security under control! Managed IT Asia can assist your Singapore business with password security solutions that keep your accounts protected. Contact us today to schedule your free consultation. Call +65 6748 8776 or reach us online.
MANAGED IT ASIA, we are an IT Support, IT Solutioning and Managed IT Service Provider specializing in serving Small Businesses across Asia. Call us at +65 6748 8776 and let us manage your Small Business IT today!