When I register in apps like booking.com and they ask for my Google password..

When I register in apps like booking.com and they ask for my Google password..

How safe is that?

Really feel like creating a «one-time» account for this purpose and not sharing my Google password. Even though I’ve enabled 2-part authentication.

19 kommentarer om “When I register in apps like booking.com and they ask for my Google password..


  1. You’re not sharing your password with a third party. You are authenticating against google, and all they get is a «token» that says you have succesfully authenticated as who you say you are.

    Liker


  2. The reason I ask is that this page ain’t created by Google. And all information is tunneled trough a server not owned by Google. It doesnt feel secure at all!!!!!

    Liker


  3. That third party sign in makes me nervous too, and i’ve always avoided it, tho if done right it should be perfectly safe. But you have to be very careful you’re not being phished with a false authentication panel anytime you type in a password. The question is, how does one know that the correct 3rd party process is secure?

    Liker


  4. Spot on Bill Brayman​


    How do I know they don’t read my Google password.


    Google+​ Google Chrome​ better come up with a «authentication» of who can ask for my Google password.


    I ain’t going to register an account at Booking.com​ until I get some sort of confirmation from Google.

    Liker


  5. Hi Melina M​


    I’ve tested this. I signed up using my Google account and they require nothing but my Google account password. I don’t have any password associated with Booking.com​

    Liker


  6. That look weird. There’s always a «log in with Google» button for that. And/or Facebook button. Never that you have to type in your password like that, except if it is a Google login pop-up token box thingy. #sceptic

    Liker


  7. I’m always logged in on Google on my phone. And yes Fawad Ali Khan Utmanzai​


    I did click the «log in with Google».


    Now Im pretty sure I’m not going to register!! 👍

    Liker


  8. i’m rusty on this stuff, but i guess the booking.com web page uses an embedded iframe pointed to google’s authentication service who presents the password panel, and returning an anonymous token for booking.com‘s use. The question in my mind is always how is it guaranteed that the password panel is a secure connection to google? Couldn’t it just be a javascript function masquerading as google? Of course no business would last very long if they did that, but still i wonder what is the guarantee?

    Liker


  9. This is NOT the Google account sign in. Do not enter your Google credentials in that form. It also clearly says you should enter your booking.com password, so this is likely a reverse check, to ensure the booking.com account is yours before adding the Google account to it.

    Liker


  10. Indeed, I’d never enter my Gmail/Google password in such a form. It asks for the Booking.com password. If these are the same passwords, then it’s because you must have given your Google password to Booking.com previously.


    With today’s best-practice approach / API, when signing up/in to 3rd parties with a Google or Facebook account, it never shares your password with that 3rd party. Never enter your G/F password on a website that’s not clearly theirs.


    And yes, this is a good place to urge everyone to enable two-factor authentication with Google.

    Liker

Legg igjen en kommentar

Fyll inn i feltene under, eller klikk på et ikon for å logge inn:

WordPress.com-logo

Du kommenterer med bruk av din WordPress.com konto. Logg ut /  Endre )

Google-bilde

Du kommenterer med bruk av din Google konto. Logg ut /  Endre )

Twitter-bilde

Du kommenterer med bruk av din Twitter konto. Logg ut /  Endre )

Facebookbilde

Du kommenterer med bruk av din Facebook konto. Logg ut /  Endre )

Kobler til %s

Dette nettstedet bruker Akismet for å redusere spam. Lær hvordan dine kommentardata behandles..