pixel

Is it safe to login to sites using my Google account?

DylanHodge.com Small Business IT Solutions

April 6, 2018

Many sites nowadays allow you to login using a pre-existing Google account meaning you don’t have to create and remember yet another password. But what does this mean exactly? Are these sites getting a copy of your Google login password or even worse, your personal information?

In today’s post we’re going to get an answer to the question Is it safe to login to sites using my Google account?

Ok so how does this work exactly? How is Google able to login to other websites on my behalf? I mean it’s great that I don’t have to continue remembering passwords and as more and more sites enable this functionality, the fewer passwords I need to remember. Awesome right!! But is it a secure solution and what happens if someone gets access to my Google account, do they then have access to everything else?

Here’s what we’re told from Google:

“Google sends a random code to third-party sites or apps to enable you to sign in with your Google Account.”

Here’s what they say with regard to information that is provided to the third party website:

“This code doesn’t reveal any personal information. These sites or apps are also able to request the name, email address, and profile picture associated with your account.”

Ok so it sounds pretty safe right? So long as you’re comfortable with Google providing your name, email address and picture. You’d likely provide that anyway if you were to signup the usual way with other websites right?

But here’s a bit more information you should be aware of from Google…”The site or app could also ask for access to data in any of the Google services you use. You should grant permission only if you trust the site or app.”

How do you “Trust” a site or app? You likely have no idea who is behind the website you’re signing into, at least not on a personal level. We are at the mercy of trusting whatever propaganda we are shown on their site so really it’s kind of trusting your gut and hoping for the best.

Also another important note that Google makes apparent on their website: “Google does not review or endorse websites and applications that allow you to sign in with a Google Account, and takes no responsibility for those sites. If you do not trust the site or app that is requesting access, you should not confirm that you want to use your Google Account to sign in.”

The good new is If you’ve used Google to sign in to a third-party site or app, you can revoke future access to your information at any time. Just follow these steps:

  1. Sign into your account
  2. Choose Personal Info & Privacy
  3. Click on “Apps with account access” on the left menu
  4. Choose the site or app you no longer want included and choose Remove.
    Note: The third-party site or app may retain information from the Google Account you used to access it and/or the Google Account information you allowed it to access. Google is not affiliated with third-party services that ask for authentication. Google simply provides sign-in technology to these sites.

If someone does manage to access your Google account, this will not automatically allow them into other sites however, they would be able to see the sites you have connected to your account and attempt to login to them so it’s a good idea to clean these up now and again using the steps above. Here’s a quick visual on how to do this:

Alright that’s about it. I hope this article helps you better understand the question Is it safe to login to sites using my Google account? Stay safe out there!

Check out these other articles…

Pin It on Pinterest