A survey commissioned by Bitdefender in 2021 showed that internet users had on average eight online accounts, spanning social media, online shops, video streaming, telecoms, utilities, booking, airlines and more. Today, that number is much higher as we consistently sign up for new products and services each year. But managing so many accounts can be tricky. The cybersecurity rulebook says we should avoid using the same password for multiple accounts. At the same time, remembering all these different passwords can be a chore.
For those who shun password managers – or let their browsers remember all their passwords – the next logical step is to use the convenient “sign in with” option. Signing in with social media or third-party accounts like Facebook, Google and Apple offers several security benefits. But it also comes with some caveats.
Convenience: You don't need to remember usernames and passwords for multiple websites, reducing the risk that you’ll use weak passwords or forget them.
Multi-Factor Authentication: Many third-party providers offer multi factor authentication / two factor authentication (2FA), adding an extra layer of security.
Account Recovery: Platforms that offer the ”sign in with” option typically have sturdy account recovery processes in place, reducing the chance of permanently losing access to your account.
Robust Security: Tech behemoths like Google and Apple have strong security measures and teams dedicated to protecting user data.
Privacy: Using third-party accounts can grant these companies access to your online activities, which may raise privacy concerns. This is especially true when signing in with a social media account.
Single Point of Failure: If your linked social media account is compromised, it could affect access to multiple accounts.
Data Sharing: Some websites may request access to more information than necessary from your social media profile.
Account Lockout: If your linked social media account is suspended or locked, you might lose access to other linked accounts too.
Limited Control: You might have less control over your account's security settings than with a directly managed account.
Right, so this is the general idea for using ”sign in with” on the web. However, there are a bunch of platform-specific pros and cons, and there are also some key scenarios to take note of before venturing online.
For example, logging into a service with your Facebook account likely gives that app or website access to some of your personal information. This may happen with or without your knowledge, depending on how transparent the service is. Logging in with social media platforms also makes it easy to accidentally share too much information with the world. Plus, you’re giving that social media platform more information about your activity on the web, your tastes and interests, your location data, and more. But let’s look at some scenarios likely to play out in the real world.
Benefit: Signing in with Google on a new shopping website saves you time and eliminates the need to create a new account.
Risk: The website requests access to your Google contacts, which could lead to your personal data being shared with the website.
Benefit: Signing in with your Apple ID on a health tracking app lets you easily recover your account if you forget your password.
Risk: If your Apple ID is compromised, the attacker might gain access to both your health data and other linked accounts.
Benefit: Using Facebook to sign into a blogging platform allows you to avoid creating a new account.
Risk: Facebook gains insight into your blogging activity and could share data with third parties, raising privacy concerns.
Benefit: Signing in with your Google account on a financial management app provides an extra layer of security with Google's 2FA.
Risk: If your Google account is locked due to suspicious activity, you might lose access to the financial app as well.
Benefit: Using Twitter (now X) to sign in on a website saves you the hassle of remembering another password.
Risk: The news website requires access to your Twitter posts, exposing your tweets and possibly your private messages.
Now that you’re better equipped to weigh the pros and cons of ”sign in with,“ you should carefully consider when to use this convenient trick. Remember that convenience should never outweigh security and privacy considerations in the scenarios described.
For more peace of mind, consider using a trusted password manager. Bitdefender Password Manager, powered by the strongest known cryptographic algorithms, helps you create strong, unique passwords for all your online accounts, and safely stores them behind your single master password.
Also consider deploying a dedicated security solution on your personal devices to fend off all types of threats, including malware, phishing, fraud, identity theft, and more.
Stay safe!
tags
Filip has 15 years of experience in technology journalism. In recent years, he has turned his focus to cybersecurity in his role as Information Security Analyst at Bitdefender.
View all postsNovember 14, 2024
September 06, 2024