Printed from http://www.electronista.com

Yahoo shifting away from Google, Facebook login credentials

updated 11:18 pm EST, Tue March 4, 2014

First migration related to NCAA basketball tourney bracket selection

Adding to the list of substantive changes by the new CEO, Yahoo will stop the practice of letting users access Yahoo services by signing in with Google or Facebook login information. The migration will happen gradually, with the ultimate goal of 100 percent of services requiring a Yahoo account over the next year.

The first migrated service is the NCAA college basketball tournament portal Yahoo Sports Tourney Pick'Em. The change began on Monday.

"Yahoo is continually working on improving the user experience," said the company in a statement marking the change. The new focus on Yahoo login credentials will "offer the best personalized experience to everyone" according to the Yahoo statement.



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

  1. kerryb

    Fresh-Faced Recruit

    Joined: 08-05-01

    I personally will stop using any service or website that demands a Facebook or Gmail account to use.

  1. pairof9s

    Mac Enthusiast

    Joined: 01-03-08

    Ditto, kerryb...especially Facebook.

  1. Steve Wilkinson

    Fresh-Faced Recruit

    Joined: 12-19-01

    Ditto kerryb & pairof9s. Hopefully THAT is a driving reason they are doing this. Using one login at another site is just a big security no-no. It is literally teaching users to be phished. Then they start to get used to a dialog popping up at various sites they visit asking for those credentials, and think nothing about giving them. And, then there is the security risk of one-breach, access to everything of not using unique logins at each place. The only such login I'll use is Disqus, as at least there they are limited to site/blog comments... but I'd still rather have a unique login at each site. (I wrote an article about this at cgWerks if anyone is interested.)

  1. chas_m

    MacNN Staff

    Joined: 08-04-01

    I have to point out in fairness to third-party sites that let you use Twitter/FB/Google et al credentials to log in that *not a single one of them* demands that as the ONLY way to log in -- you ALWAYS have the option of setting up your own account etc.

    Also, some people here (ahem) appear to be unaware of OAuth (for Twitter) and whatever FB and Google use. The short version is that the third-party site *never handles or knows* your Twitter/FB/Google credentials, it is handled separately so that your login info stays with Twitter et al. Sort of like how commerce sites don't know or handle your CC number -- its encrypted and sent to bank clearinghouses.

    So at least with OAuth, a security breach at a site that lets you log in with Twitter *does not* compromise your Twitter login information.

    I'm not saying you guys are all wrong, just setting the record straight.

  1. Steve Wilkinson

    Fresh-Faced Recruit

    Joined: 12-19-01

    @ chas_m - How does the end user know where the data is going and how? What if they go to some site or blog and it pops up a 'Facebook login' that isn't using OAuth to send the data to Facebook, but instead is sending it somewhere else?

    My point, (ahem, you apparently didn't read my article) isn't that it is not secure, but the social training that is going on with the end user.

    If I got a phone call asking for my bank account information, it doesn't really matter if I'm pretty sure it's Bank of America or Wells Fargo on the other end, I wouldn't give it to them, AND I'd switch to another bank because they did such a silly thing. Whether they really were the bank or not, or that they used some kind of secure phone line is rather irrelevant.

    Also, no not every site that allows these logins has their own account setup. Many blog sites don't have any other option, as they have replaced their default systems with plugins which uses these systems. I know, as I've been frustrated at times that I can't comment on articles I would like to.

  1. besson3c

    Clinically Insane

    Joined: 03-03-01

    Originally Posted by Steve WilkinsonView Post

    @ chas_m - How does the end user know where the data is going and how? What if they go to some site or blog and it pops up a 'Facebook login' that isn't using OAuth to send the data to Facebook, but instead is sending it somewhere else?

    My point, (ahem, you apparently didn't read my article) isn't that it is not secure, but the social training that is going on with the end user.

    If I got a phone call asking for my bank account information, it doesn't really matter if I'm pretty sure it's Bank of America or Wells Fargo on the other end, I wouldn't give it to them, AND I'd switch to another bank because they did such a silly thing. Whether they really were the bank or not, or that they used some kind of secure phone line is rather irrelevant.

    Also, no not every site that allows these logins has their own account setup. Many blog sites don't have any other option, as they have replaced their default systems with plugins which uses these systems. I know, as I've been frustrated at times that I can't comment on articles I would like to.




    This is all valid, but this applies to websites that ask for any sort of information. This isn't a social network specific issue.

  1. Steve Wilkinson

    Fresh-Faced Recruit

    Joined: 12-19-01

    @ besson3c
    True, and IMO, that is exactly the point. The problem is the social training that sets people up for phishing. If you learn, only put XYZ's account data into your account at XYZ and never elsewhere, then you're only vulnerable if XYZ isn't trustworthy. But, if you're in a habit of putting in ABC's data in all over the place, you're likely to think little about putting it in at XYZ either.

    Before this current trend within the major social-media players, I can't recall too much of this going on.

  1. besson3c

    Clinically Insane

    Joined: 03-03-01

    It seems like the underlying belief is that information posted online has no value, people are rather naive about the economics of "free" services like Facebook, Twitter, GMail, etc., and therefore they attach little to no value to their credentials. I think people are generally more concerned with "their email being hacked" (when most of the time this is just header spoofing) than with willfully providing entities with access to all sorts of ways they can be profiled.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Life n Soul 8 Driver Bluetooth headphones

When it comes to music on the go, consumers generally have some options to consider when looking for the best experience. While Blueto ...

Tesoro Tizona G2N Elite gaming keyboard

The market for gaming keyboards is getting crowded, starting off with some fairly simple keyboards and diverging into the land of modu ...

GX Gaming DeathTaker mouse

Gaming is a serious endeavor for many people, driving them to look for the best performance in their system and interface devices. Fro ...

Sponsor

toggle

Most Commented

 
toggle

Popular News