https://developers.facebook.com/docs.../registration/The Registration plugin allows users to easily sign up for your website with their Facebook account. The plugin is a simple iframe that you can drop into your page. When logged into Facebook, users see a form that is pre-filled with their Facebook information where appropriate.
Many sites are incorporating a plug-in that allows you to register using your Facebook account. Essentially the intent is to make your Facebook identity work as a passport to the web. One username, one password, web-wide access.
This is a dubious development in the eyes of security professionals. Having a single point of validation to your online identity is like having a single key that unlocks and starts your car and opens your house doors. If you lose that one key someone can gain access to nearly everything you own and try to keep secure.
Yet it can't be denied that people are becoming overwhelmed with login credentials. Just off the top of my head I can think of one credit union, 3 forums, 2 blogs and numerous websites that I regularly log into, each with its own requirements for a username and for which I have unique passwords. I do use a password manager that requires its own username and unique master password, but should that become compromised again all my info is at risk. It has become a single point of (potential) failure.
I know of no plans for Volconvo to institute an option for using your Facebook account to log in here, but it certainly is a possibility in the future when the concept becomes even more widespread and expected.
So what's your opinion of this growing move to make a Facebook account your single login for nearly every site on the web? Will it make our online life easier and less complicated or will it become a major target for spammers, scammers and crooks? Do you use your Facebook account to log onto sites that allow it? Do you think it's a good or bad idea?
I side with the security specialists. As cumbersome as it is, having unique identities for each site gives me greater control over what information each site has access to as well as greater peace of mind when I read about yet another site's database being compromised and user credentials being exposed. Having said that, I am considering installing the plugin on at least one of my blogs as an option for those who prefer to use it. But I'm not entirely convinced it's a good move.