We’ve all been there…we’re in a hurry to get something done, and the site we’re trying to access says ‘login using Facebook’ and well, you just click it. What’s the harm, right? I’m already logged into Facebook…it’ll be faster…
UNTIL…you’ve been hacked. One of the most LIKELY TO GET HACKED paths you can take is to use Facebook as the login vehicle for other sites. Actually, I shouldn’t pick on Facebook…using ANY social media login to log in to other sites should be STRICTLY AVOIDED. Seriously. I can’t emphasize that enough.
Why not? Well, it’s certainly easy, but it is also dangerous. Using your Social Media signon to access other sites is like using one password for ALL sites, but as Neil J. Rubenking of PC Magazine says, it is ‘worse, much worse’. Why would that be?
Well, once you access your non-Facebook account via Facebook, you are, in essence, “connecting” the two, and allowing evil people to connect to all of your non-Facebook accounts with the ONE password they’ve stolen. In essence, you’ve given them the MASTER KEY to all of your accounts.
Neil does a great job laying out this issue in a very short, but accurate article. Check out his article here: Signing into Websites with Facebook is Just Asking to be Hacked.
Please, please…don’t do it. Hackers target the easiest and most bountiful companies for their time/effort…Those are not your local machine, but rather, the global websites and companies…Facebook is a PRIME target…don’t end up doing the ‘woulda, shoulda, coulda’ dance…just take the extra seconds to key in your username/password into the website…don’t fall into the easy, but very dangerous, ‘Use Facebook Login’. Please, I beg of you!
There are a bunch of password management tools out there…and that does NOT mean an Excel/Word file stored on your computer called ‘passwords’! Use a password management tool…PC Mag also does a great review of those (Password Management Tool Comparison), but they don’t even list the one that I use which is ‘eWallet’ made by Ilium Software (eWallet)…I love e-Wallet because it syncs to my phone, so I always have all of my passwords with me. Just be double-darned sure that you’re using a VERY STRONG password on your password storage tool…and one that is TOTALLY DIFFERENT from any other password you use.
One Comment
Thanks Sandy. This post was very informative.