Is Signing in with Facebook Putting You at Risk?

We’ve all seen the news about the Facebook security breach that’s compromised 50 million Facebook users. You may be thinking “another day, another breach,” but this brings up a bigger issue. Is using Facebook to sign in to your other accounts safe? The answer: probably not.

Facebook, like many other identity providers, offers single sign-on (SSO): the ability to create accounts on other sites using your Facebook credentials, rather than creating a unique password for every site.

While this feature is extremely convenient, it also poses one big problem. If your Facebook account is compromised, all of those other sites and accounts are at risk of being attacked as well.

So, what should you do?

Here at LastPass, we always recommend having a unique, strong password for each and every account for this very reason. If one site is compromised, none of your other sites are at risk. And you can simply change one account password, instead of worrying about multiple accounts.

We know it seems daunting to remember hundreds of those unique passwords, but LastPass can do it for you!

Not only can LastPass help you generate a strong password, it will store your passwords in a secure vault and autofill your credentials when you visit your sites and apps. Once you have it set up, it’s just as easy to sign in to an account as it is through Facebook SSO, only more secure.

LastPass can help you create new accounts easily as well. Instead of hitting that “sign in with Facebook” button, simply enter your name and email and click the LastPass password generator icon in the Password field. That will generate and fill in a password for you. Once you hit save, LastPass will ask if you’d like to save that account to your vault. This video can walk you through the process.

Creating an account with LastPass

If you need help getting started with LastPass, check out our support site that can show you how to create an account, download the browser extension, add sites and more.

Another step you can take for added security is to add multi-factor authentication (MFA) to your accounts. MFA is a feature that requires you to have more than just your username and password to log in to an account. After you enter your username and password, it also requires a second piece of information, like a one-time code or your fingerprint. Facebook offers MFA, and you can find instructions to enable it here.

In this age of breaches and hacks, everyone is at risk, so it’s in your best interest to do what you can to protect yourself before it happens to you.

One Comment

  • SAS says:

    I read that in this Facebook hack, they lost information that people could use to hack secret questions. I’m very glad that for secret questions, I never answer them truthfully, but use a LastPass pronounceable password instead. I hope it is not insecure to answer every security question with the same LastPass pronounceable one, but it makes things easier to enter (if the site allows). Thanks LastPass for having this available.