When we are going to create a profile on social networks or any other platform, many give us the option of doing so with Google or Facebook. This way of registering is very interesting because it is faster and, therefore, more practical. However, experts advise against using it, as it could pose a problem for our cybersecurity.
Single sign-on (SSO) is an authentication method that allows users to access accounts with one set of credentials across multiple independent software systems. The advantage of this method is that it allows users to avoid having to log in to each platform they use. However, this convenience of logging in could put all of your profiles at risk in an instant.
Experts always recommend that we use passwords that are difficult to guess, with numbers, upper and lower case letters, symbols and more than 8 characters. But it is also important to use different passwords for each social network. This way, if one account is hacked, they will not have access to all the others. This, unfortunately, becomes more complicated if we use Google or Facebook to log in.
If we use SSO, cybercriminals will only need to know our Google or Facebook account credentials. This will be enough to access other digital services where we have used single sign-on.
Aside from the issue of vulnerabilities that can arise from using Google or Facebook to log in, it is also not a good idea if we want to have greater control over our data. It is no surprise to anyone if we mention that companies often track our Internet browsing. By logging in with the tech giants, we will give them clues about our interests, something that not everyone is willing to consent to.
How to change login method?
The truth is that many platforms allow you to change the login method once you have created the account. This way, you can prevent any kind of inconvenience in the future or Big Tech from recording your activity. Depending on which social network or digital service we are talking about, the process may vary. But it is usually very easy to access the necessary settings if you look carefully in the configuration section. Generally, you can make the changes through the sections dedicated to the account or the security of the platform.
Instead of using Google or Facebook to sign up and avoid having to log in with credentials, you can try using a password manager. This way, you only have to enter your username and password once and the tool will save it on that device. Each time you log out and then log back in, your details will be filled in automatically, without you having to type anything.
There are plenty of password managers out there that are definitely better than signing in with Google or Facebook. To name a few, we have 1Password, LastPass, NordPass, Keeper, etc. We should also not forget the Google Manager, ideal if you use Android or Chrome, or the Apple iOS option, which allows you to access your accounts via Face ID.
How does single sign-on work?
When we try to avoid the hassle of creating our own password through single sign-on, a token is created. This is a small file controlled by Google or Facebook on a service that does not belong to the company that allows you to access your account without entering credentials.
In general terms, this practice is very easy to use and also saves us time. That is why many users resort to it. But if you are hacked on Facebook or Google, you may end up regretting it. If a cybercriminal gets into Google or Facebook, they can control all the tokens that have been created. Once they have access, it is very difficult to stop them since there will be no password to change. Especially if they take measures such as changing the password to prevent you from accessing your own account.
This is not the case with password managers, because even if the scammers manage to gain control, you can always change your password. By doing so, the data held by the manager you use will not be used to log in. Therefore, the scammer will not be able to do anything with the hacked manager.
