Monday, November 5, 2018

Don't Use the Single Sign In feature provided by companies like Facebook, LinkedIn, and Google

An article on the Wired web site, https://www.wired.com/story/facebook-hack-single-sign-on-data-exposed/, describes the perils of having an account that you can use to sign on to other accounts.  Accounts of that kind include Facebook, Google, and LinkedIn.  Take Facebook as an example.  You can sign in to another account, say Uber, using the Facebook login and password.  The obvious problem is that if someone knows your Facebook login information, then that person can log into your Uber account.  But it is worse than that.  Someone can hijack a piece of data stored on your computer called a token, placed there by your Facebook account, and can log on to your Uber account with that token.  This can happen even if you have never logged on to Uber using your Facebook account information.

The article describes various scenarios that Facebook users are exposed to.  What can you do?  Well, my recommendation is to entirely cancel your Facebook account and then clean out your browser cache for all browsers you use.  In fact, I believe that Facebook should be forced out of business if it retains its current architecture and business and political arrangements.

For those who insist on using Facebook, like me, never use Facebook login information to access another account.  Go into your Facebook control page and make sure you don't have current accounts that are linked to your Facebook account:

How:  To turn off Facebook's integration with apps, games and websites:
  1. Click  in the top-right corner of Facebook and select Settings.
  2. Click Apps and Websites in the left side menu.
  3. Scroll down to the Apps, Websites and Games section and click Edit.
  4. Click Turn Off.

Then, use Facebook only in the incognito mode of your browser.  This will erase all Facebook tokens at the end of your Facebook session.   Don't leave your Facebook session active and unattended.

There is a similar approach for other web sites that provide this Single Sign In function. 
