No articles found to show on this page.
There’s more data to protect than just your Facebook profile.
If you worry about your data on Facebook—a reasonable anxiety after a round of revelations of past privacy breaches—how nervous should you be about logging in to other sites using your Facebook account?
The option to sign into other sites (USA TODAY among them) with your Facebook account is widespread, and adopting it isn’t crazy. But you should evaluate how much of your Facebook profile each site sees—and consider other ways to ease logging in around the Web.
More: Delete Facebook? It’s a lot more complicated than that
More: Facebook CEO Mark Zuckerberg: ‘My mistake’ for abuse of voter info
More: Apple co-founder Steve Wozniak says he’s left Facebook over data collection
Reasons to use Facebook Login
The biggest reason to rely on this Facebook Login option is the least flattering: You’re terrible at passwords. Not letting Facebook handle this authentication—what’s called a “social login”—often leads people to choose a simple password or reuse a password from another site.
Either choice weakens your account at the site you could have logged into via Facebook. Password reuse also risks every other account with the same password—it only takes one data breach to leave them all open.
Assuming you set a reasonably strong password for your Facebook account and protect it with two-step verification (in which you confirm an unusual login with a one-time code sent to your phone), Facebook Login effectively ends those security worries. The other site never sees your Facebook password; instead, the social network sends it a temporary token confirming that it’s you.
Reasons not to
Many users have taken Facebook up on this shortcut. The customer-management firm Gigya reported that in the fourth quarter of 2015, Facebook Login constituted 62% of the social-login market. A similar firm, LoginRadius, found an even higher share for Facebook in that quarter, 68%.
But Facebook Login lets the other site see at least your name, profile image, and e-mail address. It probably gets more: Facebook didn’t limit the default data handover to those basics until March 21, when Zuckerberg announced policy changes after news broke of Cambridge Analytica’s alleged data heist through a Facebook app.
Facebook has since announced a tighter approval process for sites seeking access to your information beyond your public profile.
To see how sites see you through Facebook Login, inspect your apps settings. To get to them in a browser, click or tap the downward-facing triangle at the top right and select “Settings”; In Android, tap the three-line button at the top right and then “Account settings”; In iOS, tap the three-line button at the bottom right, then “Settings,” then “Account Settings.”
In either app, tap “Apps”; in a browser, choose “Apps and Websites.” “Logged in with Facebook” will list apps and sites on your account. Click or tap each to check its access and curtail it if the site ignored Facebook’s advice, “Only ask for the permissions you need.”
A link has been posted to your Facebook feed.
Chinese President Xi Jinping, center, and the country’s Internet chief, Lu Wei, talk with Zuckerberg during a gathering at the Microsoft campus in Redmond, Wash., in September 2015. Xi and top executives from U.S. and Chinese companies discussed a range of issues, including trade relations, intellectual property protection, regulation transparency and clean energy, according to published reports.
TED S. WARREN/GETTY IMAGES
- 1 of 28
- 2 of 28
- 3 of 28
- 4 of 28
- 5 of 28
- 6 of 28
- 7 of 28
- 8 of 28
- 9 of 28
- 10 of 28
- 11 of 28
- 12 of 28
- 13 of 28
- 14 of 28
- 15 of 28
- 16 of 28
- 17 of 28
- 18 of 28
- 19 of 28
- 20 of 28
- 21 of 28
- 22 of 28
- 23 of 28
- 24 of 28
- 25 of 28
- 26 of 28
- 27 of 28
- 28 of 28
LastPass or Dashlane (both free). These browser and mobile apps save your passwords in an encrypted stash so they can fill them in automatically. They can also scan your existing passwords for weak ones and generate strong replacements for them. And they work at sites that don’t allow any social login.
More: 7 steps for crafting the perfect password
Rob Pegoraro is a tech writer based out of Washington, D.C. To submit a tech question, e-mail Rob at email@example.com. Follow him on Twitter at twitter.com/robpegoraro.