The Risks Associated With Using Facebook Login

By Edmund Ruan

January 7, 2021

With over 2.7 billion monthly active users and counting, Facebook has become the go-to online social networking platform. Ever since Mark Zuckerberg launched the site in 2004, friends and family have been able to stay in touch with each other more digitally than never before. In fact, 88% of users are on the social networking site to keep in touch with loved ones. Friends and family members have instant access to each other’s life updates through news feed posts. Through the built-in instant messaging software Facebook Messenger, people can stay connected even over long distances. In more ways than one, relationships have only grown stronger because of Facebook.

With a significant portion of the worldwide population having Facebook accounts, the company capitalized on its investment into the single sign-on industry through the creation of the service Facebook Login. A single sign-on is an authentication method that allows its users to securely access multiple applications and third-party websites using one set of credentials. Basically, only one set of username and password is needed to login to any site that provides the Facebook Login service. humanID is a variation of such service. You can see how ubiquitous it really is. From Spotify to Strava, one has the option to use Facebook’s sign-on service to login. Without even using the social media platform, Facebook is ever-present in daily life.

Facebook’s single sign-on boasts benefits for both developers and users. Facebook says that it has seen dramatic increases in usage and higher levels of engagement for websites that implement the service. According to Facebook themselves, the company Skyscanner, an app for finding the best deal on flights, hotels, and car rentals has seen a doubling of the people who use the login service on their app. Clearly, businesses and customers alike enjoy the convenience of not having to remember multiple passwords, and they have a right to.

So why should you care about the login service? Facebook, like all other social media platforms, is a business. According to CNN, “your personal information is Facebook’s currency. It’s bought and sold every day.” In simple terms, you are the product and advertisers are their customers. By using Facebook Login, you are feeding a business that has the intention of making a profit off of you. For social media companies, your likes, contacts, location, and interactions with people and groups are all highly cherished. Even the process of logging in is manipulative, and here’s how. Facebook and their third-party platforms show your profile picture when logging in to create a more personalized experience and as a result unconsciously forces you to feel  a stronger connection to the apps. According to Facebook, they are “more engaging and lead to higher retention.” When all of your data is on the web, can you really feel safe using Facebook Login? And just how vulnerable are you when you use Facebook?


Facebook is not immune to security breaches. It’s estimated that up to 600,000 accounts get hacked daily. Occurrences of massive hacks, such as one 2018 that involved 50 million accounts, are happening more often than ever. The market operates on a supply and demand algorithm. As long as there are those looking to rob you of your personal information, there is always potential for you to have your identity stolen. According to Business Insider, “compromised Gmail and Facebook accounts are among the priciest stolen logins, possibly because they could be leveraged to gain broader access or trick other people into handing over information.” On average, a hacked Facebook account goes for $74.50 on the digital black market. The 21st century gave way to a new form of identity theft.

New methods of data breaching are being created everyday by those with malicious intent, so adapting security measures is a never-ending task on Facebook’s part. Of the various ways your account could get hacked, which include phishing, keylogging, and sidejacking, using a service that stores your password is most precarious. It may make life easier at the moment, but it only takes one intrusion into an app to completely derail your internet identification. Because the login system is so centralized, a compromised Facebook account means everything you use Facebook Login for is compromised as well! An applicable example is having one key that can unlock all the rooms in your house. The login credentials represent the key and the third-party applications you use to login to these sites are the doors.

There are steps that you could take to better safeguard your internet identity. Best practices to avoid your account from getting trespassed upon include:

  1. Creating a new account for each app you use. Although more work is put in, your risk of getting everything stolen significantly decreases by having different keys for different doors.
  2. Use logins that don’t store your personal information, like humanID.
  3. Review all third-party apps you use Facebook Login on. Go on Apps and Websites in Facebook’s settings to review all the third-party apps associated with your login information. Here, you have the option to revoke permissions on apps you don’t interact with anymore.

Personal information is highly valued on the data black market nowadays. See more about how your data is being monetized here. For now, make sure to always log out of applications and take the necessary precautions to ensure that it is only you who uses your accounts!