What you share when you log in via Facebook

It is convenient and can be safer to log into a website using your Facebook credentials. But as Yahoo! Tech shows, you share much more than your an email address and a user ID.

Facebook, Twitter, Google and other big internet companies allow you to register and log in to other web pages using your all-ready-established credentials with them. This is really convenient since you will can many fewer user ID and password combos to remember. Also, as Gizmodo.com proved, even technologically oriented blogs can have passwords stolen. Gizmodo.com’s solution was to not host passwords and instead let Facebook, with its deeper pockets and more robust security measures, verify Gizmodo’s commentors.

But look what you share with Gizmodo or any other site that uses Facebook’s authentication system (source Yahoo! Tech):

image

The article also has screen shots of what Twitter, LinkIn and Google+ share.

Here is what I do to protect myself. I use a disposable email service (a handy list of providers) and a password manager that generates passwords. Now, I can register for a website with an email address that I will throw away if it is compromised (I can also see who is selling my address) and password that doesn’t match any other password I use. Plus, I don’t have to remember any of these details, the password manager does this for me. With this setup, I don’t need to rely on Facebook or any other web company to log me in. I have a burner account and a system for creating, memorizing and using them.

This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply