Signing in to a service

Sign-in using another account

Description

Sign in to a service with an account you already have. This is known as single sign-on (SSO) or social login.

For example, you can sign in to a new app with a Google account.

IF thinks that this pattern reduces the number of passwords people have to remember and helps people avoid using the same password for different services (if they don’t use a password manager). It also means that the single sign-on account becomes a single point of failure for numerous logins, so it should be protected with a strong password and multi-factor authentication. Sign-on providers might also track people’s online movements and preferences.

Advantages

  • No need to remember another password
  • No need to verify email addresses
  • Fast access to new services
  • Can be more secure than creating multiple sign-ins with different services (single sign-on providers tend to be more protected against breaches and offer multi-factor authentication)
  • Because people enter passwords less often, there’s less opportunity for something to go wrong, like a hack or misconfigured security
  • Can protect people’s privacy by, for example, hiding the email address from third-party services
  • People can revoke access through the single sign-on provider

Limitations

  • If the single sign-on account is compromised, the security of linked services is at risk and people might be locked out of them
  • Single sign-on providers might track users’ online movements and preferences
  • Third-party services might ask for additional permissions at sign-in. They might require, for example, access to your contact list or permission to tweet on your behalf (Google)
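
The additional-permissions limitation above can be checked by reviewing what a sign-in request actually asks for. This is an added example, not part of the original page; it assumes the provider takes an OAuth 2.0 / OpenID Connect style authorization URL with a space-delimited `scope` parameter, and `audit_scopes`, the `idp.example` host and the sample URLs are constructed for illustration.

```python
from urllib.parse import urlsplit, parse_qs

# Assumption: these OpenID Connect scopes are all a service needs to sign someone in.
SIGN_IN_SCOPES = frozenset({"openid", "email", "profile"})

# Constructed sample authorization URLs (idp.example is a placeholder provider).
BASE = "https://idp.example/authorize?response_type=code&client_id=constructed-client"
SAMPLE_SIGN_IN_ONLY = BASE + "&scope=openid%20email"
SAMPLE_CONTACTS = (
    BASE + "&scope=openid+email+"
    "https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fcontacts.readonly"
)
SAMPLE_TWEET = BASE + "&scope=users.read%20tweet.read%20tweet.write"


def audit_scopes(authorization_url, allowed=SIGN_IN_SCOPES):
    """Return the requested scopes that go beyond what sign-in needs.

    Fails closed: a URL with no scope parameter, an empty one, or more
    than one raises ValueError, because it cannot be reviewed reliably.
    """
    query = parse_qs(urlsplit(authorization_url).query, keep_blank_values=True)
    values = query.get("scope", [])
    if len(values) != 1:
        raise ValueError(f"expected exactly one scope parameter, got {len(values)}")
    # parse_qs has already decoded %20 and '+' into spaces.
    requested = values[0].split()
    if not requested:
        raise ValueError("scope parameter is empty")
    # Scope strings are case-sensitive, so compare them exactly.
    return sorted(s for s in requested if s not in allowed)


if __name__ == "__main__":
    for label, url, allowed in [
        ("sign-in only", SAMPLE_SIGN_IN_ONLY, SIGN_IN_SCOPES),
        ("contact list", SAMPLE_CONTACTS, SIGN_IN_SCOPES),
        ("tweet on your behalf", SAMPLE_TWEET, {"users.read"}),
    ]:
        extra = audit_scopes(url, allowed)
        print(f"{label}: {'OK' if not extra else 'extra permissions ' + str(extra)}")
```

Run against the authorization URL a service's sign-in button produces, an empty result means the request asks for nothing beyond the allowed sign-in scopes.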

Examples