I’ve noticed recently that a number of websites allow you to log in using another web service instead of directly from that webpage. For example, my son couldn’t remember his password at PhoneZoo, but it had an option to log in from his Facebook page. He pressed the button, logged into Facebook and he was also logged into PhoneZoo.
Can you explain this a little bit about what’s going on here and whether this means there is an increased security risk? If someone gets in his Facebook account, I would assume they could also get into his PhoneZoo account or any other website providing this access. Is this a trend and is there any way to avoid it?
Rarely do I get to be this absolute: if it’s presented as an option, don’t use it. Log in with a traditional email or ID and password instead.
There are a variety of reasons, but the most important is simply basic security.