Is It Safe to Use Facebook to Login on Other Sites?

Is It Safe to Use Facebook to Login on Other Sites? article image.

Using Facebook or other social-media login credentials to sign into third-party sites and services can save time and hassle. But that convenience also could compromise your personal data, so it's important to think through things before connecting sites.

Social media platforms have become hubs for all kinds of interactions. They're great for staying in touch with friends, of course, but they also connect many of us to a variety of third-party content providers, smartphone apps, and interactive services. Activities like games, surveys, and quizzes plug into social-media frameworks, as do shopping sites, news outlets, and even financial services providers.

De facto Master Password

Accepting these entities' invitation to "Log In With Facebook" (or Google, LinkedIn, or Twitter) typically requires just a few quick clicks—an option that somehow feels much less onerous than setting up a separate username and password for each app or service.

When you do use your Facebook login information to sign in to other sites, you're effectively making the social platform the keeper of your online identity: Its username and password becomes the master key to tons of personal information, preferences, and posts you have entrusted to these various third parties. If those login credentials are stolen, it can be a field day for trolls, cyber criminals, and hackers.

For example, Facebook announced a data breach in September 2018 which could have potentially affected third-party logins, though it found no evidence that hackers accessed any third-party sites.

Sharing with Facebook and Other Social Media Accounts

Linking to apps and services can make it painless to access and share content any time you're logged into the social media platform you're using to login to other sites but when you link to a third party you may also be giving it permission to monitor your activities, capture personal profile information, and even siphon off data about friends and colleagues in your network.

While information monitoring can be benign (such as tracking friends' birthdays to send them funny greetings), we've also learned it can be used for more nefarious purposes. These permissions usually appear in fine print when you first log in via your primary social platform, but few users take time to read or understand them.

Social Media Sign Ins and Security

Consider keeping logins separate and creating different passwords for each third-party account. While less seamless, this is the most effective way to keep your social-network information separate from third-party apps and services:

  1. Use different passwords for each login, and make sure they're strong passwords. You may also want to use a password management tool to keep track of these, such as SaferPass, Dashlane, or LastPass. These help generate strong passwords and then makes them available to you so you don't have to memorize them (or write them down, where they can be spotted by would-be hackers).
  2. To manage games, quizzes and other activities that may only exist "within" the social platform (and in case you're not ready to give up the convenience of social-platform logins altogether), revisit the services and sites you've linked to your social platform.
  3. Get familiar with the security and data-access settings for your social media accounts, and how to adjust them to protect your personal data.
  4. Check the list of apps, sites and services you've linked to your social platform, and trim the list to eliminate all you no longer use. For the providers that still make the cut, take a look at the data you're sharing with them:
    • Double-check the permissions you've given each third party, and the data it has access to. As appropriate, consider limiting access to your friends list, personal information such as your date of birth and the name of your employer, alma mater, and family members—the kind of information that's often the basis for personal security questions.
    • Consider uncoupling e-commerce sites, or any other third parties with stored payment information, so that if criminals gain access to your primary social media account, they won't be able to go on a shopping spree.
  5. Get in the habit of logging out of your primary social network when you leave your laptop or tablet, and locking your smartphone and tablet screens when you put them away.

Take Charge of Your Data

Using social platforms to link with third-party apps, sites and services can enhance your networking fun, and even make it useful and productive. But it can also expose personal data—yours and your friends'—to exploitation and abuse. It's wise to understand which entities have access to your data, and to remember that what you have control over what you share and with whom.

Also if you're a parent, you'll also want to help protect your child on social media and help him or her understand how to safely use social media accounts.