You have probably faced this dilemma many times when signing in to a new website or service. Should I use a Google account to sign in? Well, to sign in with a Google account has become second nature and the security of this process is rarely questioned. What are the advantages and disadvantages?
This article will help you determine if you should continue to sign up with a Google account or not. Importantly, Google uses a protocol called OAuth, an open standard for access delegation. Before we delve deeper into this technology for logging onto websites, let us define what OAuth is and how it works.
What is OAuth?
If you have ever used the “Sign in with Google” button or have access to a third-party app on your Facebook account, you have used an OAuth. OAuth is an open-standard authorization protocol that allows you to access websites without the need to provide your actual account password. The OAuth protocol represents advances in Web security.
Definition of the term according to Wikipedia:
“OAuth (Open Authorization) is an open standard for access delegation, commonly used as a way for Internet users to grant websites or applications access to their information on other websites but without giving them the passwords.”
How Does Signing in With Google Work?
It is common for a particular site to request that you create an account with them. This would mean choosing a new username and providing an email address to which they can send a confirmation message. The site might as well offer you the use of an authenticator (e.g. Google authentication).
When you select Google as the authentication provider, you are redirected to confirm the identity. The third-party service gets permission to access specified information from your Google account, and the received information is used to sign in to the website or service.
This authentication process accomplishes two important things:
- Enhances security (password protection)
As previously mentioned, the new website or service you are logging in to – does not get access to your password. When you are signing in, you directly sign in with your Google account. Google then sends a token back to the site that confirms your identity. From then on, you are free to roam the expanses of the Internet.
- Authentication. Google stores your information and authenticates to other websites your identity.
Could It Really Be That Simple?
Of course not. There is a catch. The service you are accessing will gain access to some aspects of your account. At the very least, it will be your primary Google email address. Including any personal information, you have made publicly available like your name or a profile picture. It may also be your Google Calendar (which contains important information about your daily routine, private events, locations, appointments, notes from meetings, etc.).
Third-party apps and services can request permission to view and copy information such as your Contacts (with the names, addresses, phone numbers, and other contact details of people from your contact list), photos, YouTube playlists, and much more.
Still, Is Signing In With Google Safe?
Generally, it is a lot safer signing into other websites with Google, than it is creating a standalone account.
Here are the reasons why:
1. Use of two-factor authentication
While there are theoretical chances that any account can be breached, using double or even triple protection significantly increases your chances of being more secure. The password you create may check all the boxes, but adding a second method of verifying your identity could be an even smarter idea. Make sure you have a strong password and two-factor authentication set up for your Google account.
2. One password less to remember
If you are not using a password manager, the more passwords you create, the more likely they will not be secure enough. In case one of these sites gets hacked, the hackers will be able to piece together your patterns for creating passwords. If you have not used unique passwords, they can easily gain access to your other accounts.
Oauth is a great option in this regard – with the use of a strong and unique password, there will be no need to remember new ones.
3. Relying on security sustained by Google
The resources that companies like Google invest in security go beyond those of any other website. Also, Google has long been present in our private and business lives. To some extent, we have to trust it. The question is whether you equally trust the site to which you want to provide your information.
4. The hacking scenario is negligible for information security
As previously mentioned, the site you want to access never gets access to your password. All it has is a token that allows them to confirm your identity with Google. If there is a case of hacking, there is no need to worry that your information will be compromised.
Disadvantages of Signing in with Your Google Account
When creating an account using a Google authentication service for signing in, note the following:
1. Creating Too Many Accounts
Since it is so easy to access the services thanks to identity providers, it is easy to activate many new online accounts. Do not forget that with each new account you provide personally identifiable information. Your data is being sent to many companies.
2. Privacy Concerns
Please note that Google has access to the websites you have logged into using your Google account. This service gives Google a lot of data about your internet traffic, and consequently your habits and interests. The information collected from your profile results in reduced privacy. It is also used for targeted advertising purposes.
3. Challenges to Unlink from Authentication Providers.
Google makes it easy to unlink your information from specific accounts. However, unlinking is a bit challenging if you decide to use multiple authenticators.
Should You Use a Google Account to Sign In?
Using an identity provider, such as Google is a simple and convenient solution. The security of your data is considerable. For people not accustomed to using a password manager, an authentication provider will ensure greater security of their information. The eventual downside of this service is the loss of some of your online privacy.
As long as you are using a strong password and have set up two-factor authentication for your Google account, it is much safer for you to access other sites and services.