Key Takeaways
- Avoid using SSO to create accounts as it creates a single point of failure for all linked accounts.
- Using SSO gives tech companies control over your account, not you.
- Instead of SSO, use a password manager for convenience without risking security.
When you create a new account online, you’ll have the option to sign up with Google, Facebook, or another service. As tempting as that is, you should probably avoid it and create an account based on your own email address or username instead. To explain why, let’s take a look at something called SSO.
What Is SSO?
Single sign-on, better known by the acronym SSO, is a technology that lets you sign in to multiple services with just a single set of credentials. SSO gets a bit complicated behind the scenes, but the short version is that when you create an account with a non-Google service through Google, instead of getting a normal set of credentials, a token is created instead.
This token is a small file controlled by Google that lets you sign in seamlessly into your new account. As long as you’re signed into Google, you can access any sites it holds the tokens to. It’s a pretty nifty bit of technology, and saves a lot of time and hassle with passwords.
Why You Shouldn’t Use SSO
However, there is a price for this convenience, and one you may not want to pay. A strong password is an effective security tool, deterring attackers and preventing access. It’s also a case of the more, the merrier: it’s better to have each of your accounts secured independently. Even if one is breached, the others will be safe.
When using SSO, you’re reducing all these smaller protections to a single point of failure. If somehow your main account is breached, all those tokens are now controlled by the attacker, and you can’t easily change that. They will have free rein over all the associated accounts. It’s a security nightmare.
Speaking of control, even without the threat of a massive breach you may want to reconsider having Big Tech sign in for you. For one, you’re handing control over your accounts to a service that may decide to lock you out. Horror stories abound of people being locked out of their Facebook and Gmail accounts, with little recourse to getting back in; if you’re using SSO, you’d also lose access to your other accounts.
How Big Tech Can Track You with SSO
Secondly, you may want to consider whether you really want these behemoths to know everywhere else you sign in. Their business is all about gathering data for advertisers, and it seems like using them to sign in to your accounts is just making things easy for them.
For example, Google controls what you see in search results, while according to WIRED, Facebook tracks your browsing habits. Letting them know exactly which online services you use is just another data point they can sell. If you’re privacy-oriented, there are alternatives that are just as simple to use.
Don’t Weaken Your Own Security
However, swearing off SSO doesn’t mean saying goodbye to convenience. You can simply use a password manager instead, a program that stores and automatically fills in passwords for you. These are just as easy to use as SSO, but come without the negative security implications. Even if your password manager was cracked somehow, you could always reset your accounts yourself, as you’d still have control.
If using a password manager seems like a better idea than using SSO, check out our picks for the best password manager. Some even have free plans, meaning extra security won’t have to cost you any extra money.
