You may have never heard of social sign-in or social login, but you’ve most likely used it at some point or another.
Have you ever applied for a job and logged into the application tool using Linkedin? Social sign-in.
Ever register for a new app using Facebook? Social sign-in.
Sign-up to comment to a blog using Twitter? Social sign-in.
Think about it.
Apps like Spotify, Instagram and Pinterest all use social login, exclusively in some cases, to create accounts.
Many more offer social sign-in to access an existing account, if you’ve linked your social media account.
For the uninitiated, social login, aka social sign-in, is a form of single sign-on which uses existing login information from a social networking service like Facebook or Twitter to sign a user into a third party website without having to a new login account specifically for that website.
Social login is designed to the ease login process for users by allowing them to utilize pre-existing login credentials.
At the same time, social login provides developers with a wealth of information on it’s apps/sites’ users by tapping into the demographic data collected by these social networking services.
While social login is a win-win for developer and users, who both gain from the convenience of not having to remember multiple logins, and the ability to collect rich user data, there is a pitfall.
If you decide you no longer want to maintain that annoying Facebook account and deactivate it, every other account which relies upon your Facebook account to log in goes away.
I recently read one horror story of a journalist who decided that he’d had enough and was leaving Facebook for good.
He ran through the standard “are you sure?” alerts as he march down the path to Facebook freedom, never reconsidering his decision for a minute.
And then it was done.
But in his haste, he forgot about all the other accounts that relied upon his having an active Facebook account, like Instagram and Spotify.
So when he went to log into those apps, he was screwed.
He could no longer access any of them.
And therein lies the rub.
While it’s super convenient to use an existing set of social media credentials to establish a new social media account or as your go-to login, it’s also fraught with the risk of permanent coupling.
At this point, you’re thinking, “I’ll never get rid of my <name of cherished social media account here>, so what’s the big deal?”
The big deal is that one day, you may, and when that day comes, will you even remember that you’re a hostage?
Or will you do as our journalist friend did, and rashly decouple, only to regret it later?
Let’s say you do remember, will you have the wherewithal to track down all those accounts and change your login details?
Now, if you’re a brand building your site or app to leverage social sign in for the convenience it provides your users and the rich data it collects, you’re probably not too concerned.
But you should be.
As the recent Meerkat and Twitter issue just revealed, he that giveth can taketh away.
My old English is on pointh!
If you are using an API developed by a third party, if they decide one day, that they’re no longer interested in you mining their data, they can shut you down, and like Meerkat, force you to revise your whole strategy.
At the end of the day, while you can use an existing social media account to create or log on to another website or application, I’d recommend using an email account and setting up unique credentials to avoid this trap.
For brands, I suggest offering the ability to use social sign on as an ancillary login method after an account has been established using an email account or mobile phone number.
In this way, should one decide that they’re no longer interested in maintaining that <name of cherished social media account here> they won’t be permanently locked out.
Have you ever had a social login debacle? Share your story in the comments!