Infrastructure // Networking
03:20 PM
Connect Directly
Repost This

SXSW: Social Login Is Magical But Tricky

Speakers from Facebook, Twitter, and Google explore the cutting edge and complexities of using one account to log into another.

Facebook Apps In Action
Facebook Apps In Action
(click image for larger view and for slideshow)
New social websites and applications increasingly piggyback on existing ones, using "login with Facebook," "login with Twitter," or "login with your Google account" functions rather than expecting users to create accounts specific to their own sites or services.

"To the user, this looks like magic," said Matthew Rothenberg, head of product at and moderator of a panel discussion on the topic at South by Southwest. The SXSW panel included representatives from Facebook, Twitter, and Google to talk about the Single Sign-On (SSO) authentication and account integration services they make available to developers. For developers, "this seems absolutely fantastic--and for the most part it is," Rothenberg said. Yet he also cross-examined the panelists on the parts that can be very hard, such as dealing with standards that each service implements a little differently and the pitfalls of reconciling accounts across different services.

"Some of you let me ask for an email and some don't," Rothenberg noted. In order to make sure captures that information, "we wind up doing what you're not supposed to do with SSO, which is throwing up another screen saying we also want you to supply this other bit of information," he said.

Facebook makes email addresses available, with the user's permission, but Twitter does not even though it uses some of the same basic Web standards.

The most broadly adopted standard for authorizing one website to share account information with another is OAuth, which generically specifies the mechanics for interactions like those Facebook pop-up windows that ask you to grant an application a list of permissions for different types of access to your Facebook account. Twitter and Google also support OAuth, and Google also supports OpenID, another standard for logging into one account using credentials associated with another. These mechanisms simplify life for users, who can use many websites without having to remember as many user names and passwords, while also lowering the technical burden on the websites. This is one of the most powerful techniques for boosting viral adoption.

As social login becomes more the norm than the exception, "it becomes all the more of a turnoff when you hit a site that wants you to fill out a signup form," said Matt Kelly, an engineer in the developer relations group at Facebook.

"If I was creating a startup tomorrow, I would start with SSO. I wouldn't want to build my own identity system," said Joseph Smarr, an engineer at Google and a technical lead on the Google+ project.

1 of 2
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Deb Donston-Miller
Deb Donston-Miller,
User Rank: Apprentice
3/14/2012 | 1:40:45 AM
re: SXSW: Social Login Is Magical But Tricky
I think the "freaking people out" element cannot be underestimated. I think it's really scary for users (including myself) when you login via Facebook or Twitter and experience lots of unintended consequences.

Deb Donston-Miller
Contributing Editor, The BrainYard
2014 Private Cloud Survey
2014 Private Cloud Survey
Respondents are on a roll: 53% brought their private clouds from concept to production in less than one year, and 60% ­extend their clouds across multiple datacenters. But expertise is scarce, with 51% saying acquiring skilled employees is a roadblock.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Elite 100 - 2014
Our InformationWeek Elite 100 issue -- our 26th ranking of technology innovators -- shines a spotlight on businesses that are succeeding because of their digital strategies. We take a close at look at the top five companies in this year's ranking and the eight winners of our Business Innovation awards, and offer 20 great ideas that you can use in your company. We also provide a ranked list of our Elite 100 innovators.
Twitter Feed
Audio Interviews
Archived Audio Interviews
GE is a leader in combining connected devices and advanced analytics in pursuit of practical goals like less downtime, lower operating costs, and higher throughput. At GIO Power & Water, CIO Jim Fowler is part of the team exploring how to apply these techniques to some of the world's essential infrastructure, from power plants to water treatment systems. Join us, and bring your questions, as we talk about what's ahead.