I've been using google sign-in option at more and more websites. Just helps avoid forgetting passwords across devices where i cant have my own browser logged in.
Please enlighten me about any risks, is it a bad habit that I should change?
Kind Regards
If you travel to China and aren't set up properly, you'll likely wont even be able to log into sites that aren't blocked.
Solution - VPN.
VPN would be the "and aren't set up properly", but not just any VPN. Many VPNs don't work in China either. Even some of the most reliable struggle during sensitive periods.
Incidentally when I was there a few years ago, using roaming data looked like it bypassed the great firewall entirely.
The other big issue IMO is that it obviously ignores best practice of not reusing the same password across multiple sites. If your account is compromised they get access to every site you've used it on (and they'll know because Google stores that history which I guess may also be a privacy concern) rather than just one site.
One downside is that it helps google collect more data and assign it to your google account that are collected on these other sites by goolge. Google can then use the data for even better targeted adds to get you to buy full priced stuff.
even better targeted adds to get you to buy full priced stuff.
Oh no, my adblocker.
More and more sites are detecting my add blocker… grrrr
Google can then use the data for even better targeted adds
I think that is a fair price to pay in exchange for an excellent search engine, Google Maps, the most widely-used phone OS in the world, the biggest video sharing website in the world, email, and for websites like this to exist.
to get you to buy full priced stuff.
Seeing an ad doesn't force you to buy full-priced stuff. There's a bit of a blame culture going on. People don't want to take responsibility for their own actions. It's always someone else's fault.
firefox offers the same service, without google
As others said, if one account is compromised, all other linked accounts will be compromised. Apart from that, you will get a lot more targeted ads from google.
One alternative (better in my view) is to use password management system like enpass or lastpass. They have the capability to auto fill in passwords and are available cross devices. This will help to generate more secure and unique passwords. Best to go for something like enpass which is fully offline and encrypted.
bitwarden is a great alternative as well
Using google to sign into different accounts can give them a much clearer view of your online activities. This is great for Google as it helps them:
- populate their personal marketing profile of you
- make more money from the advertisers that target you
Only a concern if you don't use a Chromebook or the chrome browser already though.
It's a feature designed to alleviate the data loss from privacy focused changes/data collection restrictions being out in place by Apple and Microsoft etc.
Given the average ozbargainer is happy to hand over tracking data to earn a couple of dollars cashback, I understand this probably isn't a concern for most - just trying to help people make an informed decision.
Only a concern if you don't use a Chromebook or the chrome browser already though
I think you underestimate how hard it is to avoid being profiled by Google. Most website might use Google's analytics, fonts, ads, maps, captha, videos, reviews , dns, and other services.
That's fair - Google do try to capture data through a lot of different ways. Data capture is different from being able to attribute the data back to an individual's profile though.
Safari/Firefox/Edge all have fairly aggressive privacy measures available now days (particularly around third party cookies, masking device IDs and IP addresses), but many are optional so you're right in calling out that statement. Using a different browser doesn't guarantee protection from Google's data harvesting
You’ve just volunteered to give them more insight into you.
They already know. This is just formalising the process.
Thanks, that makes sense.
Sign in with Apple best.
Hopefully they've learned from The Fappening. :)
I think there are two disadvantages. One is that it is the keys to your kingdom. If your Google login gets compromised, the attacker can access all your other services. You can help protect against that by strengthening access to your account, e.g. disable SMS-based 2FA and using something more secure like Google prompts or a hardware key.
The other disadvantage is if you somehow violate Google's T&Cs they can terminate your account which would block access to all those other sites. If you don't do anything dodgy (or let your account get taken over by a dodgy party) you should be fine.
WebAuthn passwordless best.
My first thought would be, just make sure you don't get locked out of your google account. You could be locking yourself out of every other site if they don't have a secondary login method.
If you travel to China and aren't set up properly, you'll likely wont even be able to log into sites that aren't blocked.