Creating a user account on a new website or service requires some time. Many sites often add a feature that allows you to log in using Google, Facebook, Apple or Twitter (now ‘X’). This mechanism saves time and offers enormous convenience, but we are going to explain why you should not log in using this system.
The single sign-on (SSO) feature eliminates the time-consuming need to create a user account on a new service. Plus, it eliminates the need to remember a new username and password.
At the same time, this mechanism gives the new platform permission not only to verify our identity, but also to share specific information. Using the SSO system involves generating a spatial token that acts as a digital key that allows access without having to enter our data. But, at the same time, it entails a series of disadvantages that are usually not known about.
Why you shouldn’t use a single sign-on system
The first reason is that there may be an interruption in the service and, consequently, we will not be able to access it. It is not uncommon for Facebook or Twitter to have service problems for many hours.
If we use these social networks to log in, due to the lack of service, we would not be able to access the portal as we expected. Obviously, the above situation is a pain, but at the same time, it is a temporary process.
For a high degree of privacy, using an SSO mechanism is a very bad idea. The reason is that the service we access with this system can access data from Google, Facebook or any other system that we have used for login.
The data that can be shared is enormous. They range from our name, email address, friend lists or geolocation. All this information may be without our consent, since you are required to provide this data in order to use single sign-on.
Another important aspect is that security at all times depends directly on the accounts we use for SSO. If our accounts are compromised, therefore, any linked accounts may be compromised.
Using this single login is as dangerous as using the same password on all services. If compromised, a malicious attacker could simply access the rest of the services.
Additionally, Google, Twitter or Facebook may collect information from third-party websites and applications through the single sign-on system. Thanks to this technology, they could collect data such as the pages we visit, content we see or actions taken.
Thanks to this data they can create detailed profiles about our interests, preferences and demographic data. Typically, data such as age, gender, location, hobbies and purchasing habits are collected. A highly valuable set of data that they can sell to third parties for commercial purposes.
As a final aspect, using this mechanism represents a great limitation in terms of profile customization. The information is synchronized with the account used for login, thus establishing data such as username, profile photo and other data. Something that can be annoying if you want to add data manually and make a more personalized account.
