It might be a longer list than you remember. Given the concerns people already have about how much information Facebook collects, explicitly giving them even more seems a little counter-intuitive.įacebook settings record which services you’ve used Facebook to sign in to. When you use Facebook to log in to these third-party services, you’re telling Facebook which third-party services you use. Unfortunately, you typically can’t pick and choose which permissions to give - in my opinion, yet another reason to avoid Facebook-based logins. Be sure to read these carefully so as not to give more access than you’re comfortable with. When this happens, you’ll be notified exactly what additional permissions and information you’re allowing to be shared, and you’ll be given the opportunity to either alter the permissions or abort the login completely. They may ask for additional information from your Facebook profile, such as contacts, permission to post to Facebook on your behalf, or more. When you set up your account with the third-party service and use Facebook to log in that first time, the service may request additional permissions. You authenticate directly with Facebook, who then tells the third-party service that yes, you are who say you are by virtue of having successfully logged in to your Facebook account. This practice uses an industry-standard protocol called OAuth, short for Open Authorization. They do not get your Facebook password.They usually get your ID (your email address, in the case of Facebook), which generally becomes your user ID on the third-party service.They don’t get your Facebook passwordĪ common concern is whether these third-party services get your Facebook login ID and password. It also means they don’t have to maintain their own authentication infrastructure. Not making you create yet another account and password to manage is one way to do so. These third-party services want to make it as easy as possible for you to sign up with them. The third-party service has elected not to provide its own sign in and relies entirely on using other platforms to authenticate its users. You can log in traditionally by creating your own account, usually with email and password, or you can choose from one of the other authentication providers, like Facebook. I’ll also refer to all the services that you’re logging in to, like PhoneZoo in the original question, as third-party services.) (Throughout this article, I’ll use Facebook as my example, but the same issues apply to using other services. It’s not just Facebook: you can use your account with Google, Twitter, or other accounts to log in to many unrelated services. Using services like Facebook to provide authentication is a popular trend. Using the same account everywhere is even less secure than using the same password everywhere.Facebook gets information about every service where you use Log in with Facebook.The service does not get your Facebook password.If you must use it, make sure your Facebook account is secured.Using a unique login ID and password for each service is much more secure.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |