This Facebook mess proves simple logins should die

Chris Burns - Apr 5, 2018, 1:07pm CDT
3
This Facebook mess proves simple logins should die

Over the past several weeks, developers have been in a tizzy. They’ve been getting more error messages than they can handle, all because of one company’s omnipotence. Facebook’s developers suddenly realized they cant responsibly handle all the data they’ve been harvesting, so they’ve hit some rather important off-switches. The result isn’t pretty.

The biggest mobile game in the world, Pokemon GO, launched with a login system. Players would either have to sign up for a Pokemon account, or they could log in with their Google account. The folks at Niantic made it simple to jump into the game while retaining cloud-based credentials.

Developers of all sorts are encouraged to include Google login, Facebook login, and other 3rd-party sign-in methods for their apps – and they’ve been doing so for half a decade. It’s been made so simple to add a major brand-name login system that developers tend to include it by default.

Until now, that was completely fine. It made sense to include a button that allowed a user to log in to an app with Facebook because it’s simple. Massive amounts of people have a Facebook account, so including a Facebook login button made the process as painless as possible.

SEE TOO: Facebook VP memo shows execs knew, were OK with shady practices

But there’s a problem, here. When one system is compromised, the others are as well. Facebook’s most recent revelation was that their basic search operator exposed 87 million users to Cambridge Analytica exploitation. Because Facebook’s developer code wasn’t secure, they restricted their API, cutting off access to developers that don’t update on the regular.

Imagine a world without Facebook, Google, or Amazon login buttons. Imagine a world where every app and webpage used their own unique login system. Imagine how much extra time it’d take to log one’s self in to each system, just to click that thumbs-up button, or comment.

Now imagine how much better it’d be if we didn’t operate in a house of cards. Wouldn’t it be great if app and webpage logins were secure, instead of simple? That’s the future I’m crossing my fingers for, but for which I will not hold my breath.


Must Read Bits & Bytes