Security Alert: Is Social Login Safe?
If you’re like most Facebook and Google users, you’ve likely encountered more than a few new websites that offer “social login.” Social login is attractive because you can essentially sign up for new accounts without having to go through the ongoing hassle of creating a new, unique username and password combination. As you know, the more usernames and passwords you have, the harder they are to manage.
While social login solves this dilemma beautifully (it’s wonderful to only have to remember one set of credentials), it brings up a security concern that you might not have considered. What happens if someone steals your social login credentials?
Why would someone possibly want your social login information? After all, you’re just sharing family photos and silly memes. While this may be true, cyber criminals know an opportunity when they see one. If you’re using your social login across a multitude of websites, chances are some of those websites will be worth sneaking into.
For example, let’s say you use your Facebook social login for accessing your adult education classes at the local community college and your online invoicing tool. Is there any personal information in either of those accounts that could be useful to cyber criminals? Probably. The college may have your Social Security number on file; and it certainly has your transcripts, address, phone number, and other personal information. Your online invoicing tool may be linked to your PayPal account, and hackers could reroute payments to go elsewhere. Hackers could also infect your social media accounts with malware or post offensive comments or messages on your behalf. These are but a few of the many potential risks of allowing a hacker easy access to your personal accounts.
Another problem with using social login involves privacy. Pay attention to those default notices when you sign up for a new account using social login. If you don’t pay attention, you may be giving the new site permission to access your contacts list, likes, and other information. You can bet that your demographic data is being collected. How will the new company use that information? Will they share it with others? Will they sell it? Will you soon be bombarded with advertisements based on the information you didn’t realize you just gave away?
Yes, social login is convenient. Instead of having to remember multiple usernames and passwords, the theory is that you only have to remember your social login. In fact, if you’re already logged into your social account, logging in is practically automatic. It’s a real brain saver, but it has its potential costs.
May 1, 2015 / By: Celeste